44CON 2019 has ended
Back To Schedule
Thursday, September 12 • 13:30 - 15:29
Max Kamper - Introduction to GLIBC heap exploitation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
A 2-hour workshop introducing folks to the basics of GLIBC heap exploitation, covering two publicly known but oft-misunderstood GLIBC heap exploit methods. VMs will be provided with the workshop, and the “House of force” and “fastbin dup” techniques will be covered in depth.

Students will learn two heap exploitation techniques whilst writing exploits against two vulnerable binaries. It is aimed at those will little to no GLIBC heap experience. A lot of people who CTF are keen on learning about heap exploitation since there are always heap-based challenges and each year new techniques are brought to light. What stops them from learning these techniques is the misconception that heap exploits are prohibitively difficult to write, my workshop is there to dispel this myth and provide a starting point for those who wish to start learning new exploit development techniques.


Max Kamper

Applied Intelligence Laboratories
An ex-Royal Marines Commando turned cyber-security enthusiast. Max cut his teeth on electronic warfare operations and now works as a researcher for Applied Intelligence Laboratories. Author of the “ROP Emporium”, he spends his time compiling the GNU C library and wondering how... Read More →

Thursday September 12, 2019 13:30 - 15:29 BST
* Workshop *