https://github.com/sslab-gatech/archeap
ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
https://github.com/sslab-gatech/archeap
fuzzing heap-exploitation
Last synced: about 1 year ago
JSON representation
ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
- Host: GitHub
- URL: https://github.com/sslab-gatech/archeap
- Owner: sslab-gatech
- Created: 2019-10-15T00:08:30.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2021-03-03T05:40:46.000Z (over 5 years ago)
- Last Synced: 2025-03-21T15:45:24.333Z (over 1 year ago)
- Topics: fuzzing, heap-exploitation
- Language: C
- Homepage:
- Size: 29.3 KB
- Stars: 150
- Watchers: 27
- Forks: 17
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
## Environment
- Tested on Ubuntu 16.04 64bit
## Installation
```bash
$ ./setup.sh
$ ./install_dependencies.sh
$ ./build.sh
```
## Installation using Docker
```bash
$ ./setup.sh
$ docker build -t archeap .
$ docker run -it archeap /bin/bash
```
## How to use
Please check our [artifact](artifact).
## Trophies
- [Overlapping chunks with double free in mimalloc](https://github.com/microsoft/mimalloc/issues/161)
- [Overlapping chunks with double free in DieHarder](https://github.com/emeryberger/DieHard/issues/12)
- [Overlapping chunks with negative size allocation in mesh](https://github.com/plasma-umass/Mesh/issues/62)
- [Arbitrary chunks with overflow in ptmalloc2](https://github.com/shellphish/how2heap/pull/77)
- [Several other techniques](techniques)
## Authors
- Insu Yun (insu@gatech.edu)
- Dhaval Kapil (me@dhavalkapil.com)
- Taesoo Kim (taesoo@gatech.edu)
## Publications
```
@inproceedings{yun:archeap,
title = {{Automatic Techniques to Systematically Discover New Heap Exploitation Primitives}},
author = {Insu Yun and Dhaval Kapil and Taesoo Kim},
booktitle = {Proceedings of the 29th USENIX Security Symposium (Security)},
month = aug,
year = 2020,
}
```