In this challenge, there is a double free
vulnerability by which we can mount the fastbin dup
attack to get an arbitrary write into GOT
table. Then, using a format string
attack, we can leak a libc
address, and finally execute system("/bin/sh")
by overwriting a GOT
entry. This is an interesting heap exploitation
challenge to learn bypassing protections like NX
, Canary
, and ASLR
in x86_64
binaries.
secure_keymanager
Folders and files
Name | Name | Last commit date | ||
---|---|---|---|---|
parent directory.. | ||||