ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
Environment
- Tested on Ubuntu 16.04 64-bit
Installation
$ ./setup.sh
$ ./install_dependencies.sh
$ ./build.sh
Installation using Docker
$ ./setup.sh
$ docker build -t archeap .
$ docker run -it archeap /bin/bash
How to use
Please check our artifact for usage instructions.
Trophies
- Overlapping chunks with double free in mimalloc
- Overlapping chunks with double free in DieHarder
- Overlapping chunks with negative size allocation in mesh
- Arbitrary chunks with overflow in ptmalloc2
- Several other techniques
Authors
- Insu Yun ([email protected])
- Dhaval Kapil ([email protected])
- Taesoo Kim ([email protected])
Publications
@inproceedings{yun:archeap,
title = {{Automatic Techniques to Systematically Discover New Heap Exploitation Primitives}},
author = {Insu Yun and Dhaval Kapil and Taesoo Kim},
booktitle = {Proceedings of the 29th USENIX Security Symposium (Security)},
month = aug,
year = 2020,
}