SensePost
SensePost
Services
Education
About Us
Careers
Blog
Get in Touch
Our Blog
Our news
All you need to know
2020 (2)
2019 (10)
2018 (14)
2017 (27)
2016 (22)
2015 (17)
2014 (15)
2013 (30)
2012 (27)
2011 (33)
2010 (36)
2009 (81)
2008 (75)
2007 (80)
Categories
Categories
Browser (1)
Browsers (1)
Chrome (1)
Exploit development (2)
Exploitation (1)
Javascript (1)
Reverse engineering (2)
V8 (1)
Fun (58)
Hardware (4)
Playstation (1)
Reversing (16)
Internal (2)
Webapps (13)
Radio (1)
Real-world (20)
Redteam (1)
Rf (2)
Shells (5)
Usb (2)
Doom (1)
Frida (4)
Games (1)
Sensecon 2019 (1)
Cve (5)
Exploit (13)
Variant analysis (1)
Vulnerability research (1)
Code analysis (1)
Cve-2019-15937 (1)
Cve-2019-15938 (1)
Ql (1)
Semmle (1)
Vulnerability (2)
Unknowncategory (1)
Metasploit (5)
Meterpreter (1)
Objection (1)
Defcon (8)
Relay (1)
Rogue-ap (5)
Tool (2)
Wifi (10)
Cve-2019-0547 (1)
Cve-2019-0726 (1)
Dhcp (1)
Kb4480966 (1)
Patch diffing (1)
Research (72)
Diffing (1)
Protocol (1)
Windows (4)
Backdoor (3)
Lsass (1)
Password (1)
Deepdive (2)
Ios (6)
Mac (16)
Internals (4)
0day (1)
Cve-2018-19204 (1)
Prtg network monitor (1)
Web application (1)
How-to (4)
Howto (23)
Webassembly (1)
Opsec (1)
Tin-foil-hat (8)
Bypass (3)
Command execution (1)
Dns (1)
Experiment (2)
Ioc (1)
Malware (2)
Tools (78)
Tunnelling (2)
Mitm (5)
Heap (7)
Heap linux (7)
Heap overflow (4)
Apngopt (2)
Exploitaion (4)
Bash (1)
Curl (1)
Efficiency (1)
Shell (1)
Mq (1)
Detection (1)
Analysis (13)
Build-it (5)
Interception (1)
Tricks (6)
Sdr (3)
Active directory (2)
Cracking (1)
Gdb (1)
Apng (1)
Android (4)
Double free (2)
Linux (4)
Automated network scanner (2)
Challenge (4)
Bsides (1)
Go go go (1)
Screenshot (1)
Crypto (9)
Office (1)
Burp (1)
Certificates (2)
Defence (1)
Skimmers (1)
Materials (5)
Pwnage friday (1)
Painless (1)
Ptmalloc2 (1)
About:us (46)
Mobile (15)
Blackhat (43)
Training (54)
Apache server (1)
Fuzzing (1)
Httpd (1)
Afl (1)
Cve-2017-7668 (1)
Printf (1)
Conferences (91)
Ook (1)
External (1)
Troopers (1)
Abuse (1)
Empire (3)
Programming (19)
B-sides (5)
Nmap (2)
Presentations (9)
Dll injection (1)
Hooking (2)
Anti-virus (1)
Maltego (6)
Snoopy (3)
Pentest (6)
Powershell (2)
Defense (3)
Infrastructure (5)
Blackbox (1)
Ransomware (1)
Post-exploitation (4)
Skype (3)
Transforms (1)
Zacon (1)
Willemluvscuddles (1)
Clickjacking (2)
Hipsterlurv (1)
Jack (1)
Hipster (1)
Ssl (1)
.za (3)
Jobs (5)
Product (4)
#legit (1)
Press release (4)
Interns (1)
Python (9)
Broadview (4)
Xml (1)
Malware analysis (1)
44con (6)
Show-off (1)
Z-force (1)
Z-wave (1)
Infosec-soapies (26)
Local (8)
Silly-yammerings (21)
Google (1)
Memory analysis (1)
Footprinting (2)
Hackathon (1)
Privacy (7)
Community (21)
Surveillance (1)
Solution (1)
Rsa (1)
Secureid (1)
Crest (1)
Sap (2)
Threat modelling (6)
Rambling (2)
Uk (2)
Zaprize (2)
Auditors (1)
Metrics (3)
Risk management (2)
Vendors (7)
Metricon (2)
Report-info (1)
Uncon (2)
Windows phone (1)
Auctions (1)
Penny (1)
Pickle (4)
Consulting (1)
Policy (1)
Ccdcoe (1)
Estonia (1)
.ac.za (1)
Vulnerability management (10)
Travel (2)
Suru (1)
Cloud (12)
Memcached (2)
Management (1)
Risk (1)
Proxy (1)
Hackrack (2)
Goodbye (1)
Fail (3)
Imsojaded (2)
Pci (2)
Videos (6)
Hope? (2)
Wasc (1)
Security-news (6)
Mindless-politics (4)
Security-fyi (8)
Qo[w|m|?] (4)
Time-waster (6)
Tech-toys (3)
Zen-hacking (3)
Foos (1)
Readme (1)
Web_x.0 (2)
Mindmaps (1)
Writing-advice (1)
Close
Linux Heap Exploitation Intro Series: Used and Abused – Use After Free
Reading time: ~9 min
Posted by javier on 28 July 2017
Categories:
Heap
,
Heap linux
,
Pwnage friday
,
Exploit
,
Exploitaion
,
Painless
,
Ptmalloc2
Intro After analysing the implementation of ptmalloc2 which, is a must read if you don’t know anything about the linux userland...