how2heap


con...@connornelson.com

Nov 15, 2017, 1:22:48 PM
to asu-cse-466-Fall-2007
This is probably the best heap exploitation resource that exists:


It goes into some detail on various common heap vulnerabilities, and then demonstrates how to exploit them in simple, compilable C files. These C files aren't meant to be realistic programs, but just to demonstrate the flow of the attack. However, it also provides applicable CTF (cybersecurity-based capture the flag) challenges (which are more realistic) that can be attacked using these methods, which would be very good practice if you are at all interested in this stuff (just know that most of them are going to be a bit more difficult than what you might be used to, and often just provide stripped binaries with no source code). There are also links to other useful resources.

I should probably also point out that this resource was largely created by one of CIDSE's new professors, Yan Shoshitaishvili (zardus), who captained one of the top CTF teams in the world, Shellphish, and placed top 3 in DARPA's Cyber Grand Challenge, which was basically a competition to autonomously discover and exploit these sorts of vulnerabilities. He's teaching a graduate class next semester titled "Topic: Automatic Binary Code/Software Analysis" if you are interested in learning more about this sort of stuff (from the automated perspective).


