forked from shellphish/how2heap
-
Notifications
You must be signed in to change notification settings - Fork 0
/
descriptions.py
1 lines (1 loc) · 2.82 KB
/
descriptions.py
1
descs = {'tcache_stashing_unlink_attack': 'Exploiting the overwrite of a freed chunk on small bin freelist to trick malloc into returning an arbitrary pointer\n\tand write a large value into arbitraty address with the help of calloc.', 'poison_null_byte': 'Exploiting a single null byte overflow.', 'large_bin_attack': 'Exploiting the overwrite of a freed chunk on large bin freelist to write a large value into arbitrary address.', 'fastbin_dup': 'Tricking malloc into returning an already-allocated heap pointer by abusing the fastbin freelist.', 'unsafe_unlink': 'Exploiting free on a corrupted chunk to get arbitrary write.', 'house_of_einherjar': 'Exploiting a single null byte overflow to trick malloc into returning a controlled pointer.', 'fastbin_reverse_into_tcache': 'Exploiting the overwrite of a freed chunk in the fastbin to write a large value into an arbitrary address.', 'house_of_roman': 'Leakless technique in order to gain remote code execution via fake fastbins, the unsorted_bin attack and relative overwrites.', 'tcache_house_of_spirit': 'Frees a fake chunk to get malloc to return a nearly-arbitrary pointer.', 'house_of_botcake': 'Bypass double free restriction on tcache. Make tcache_dup great again.', 'house_of_spirit': 'Frees a fake fastbin chunk to get malloc to return a nearly-arbitrary pointer.', 'unsorted_bin_into_stack': 'Exploiting the overwrite of a freed chunk on unsorted bin freelist to return a nearly-arbitrary pointer.', 'house_of_orange': 'Exploiting the Top Chunk (Wilderness) in order to gain arbitrary code execution.', 'tcache_poisoning': 'Tricking malloc into returning a completely arbitrary pointer by abusing the tcache freelist.', 'tcache_dup': 'Tricking malloc into returning an already-allocated heap pointer by abusing the tcache freelist.', 'overlapping_chunks_2': 'Exploit the overwrite of an in use chunk size in order to make a new allocation overlap with an existing chunk.', 'house_of_force': 'Exploiting the Top Chunk (Wilderness) header in order to get malloc to return a nearly-arbitrary pointer.', 'mmap_overlapping_chunks': 'Exploit an in use mmap chunk in order to make a new allocation overlap with a current mmap chunk.', 'house_of_lore': 'Tricking malloc into returning a nearly-arbitrary pointer by abusing the smallbin freelist.', 'unsorted_bin_attack': 'Exploiting the overwrite of a freed chunk on unsorted bin freelist to write a large value into arbitrary address.', 'fastbin_dup_consolidate': 'Tricking malloc into returning an already-allocated heap pointer by putting a pointer on both fastbin freelist and unsorted bin freelist.', 'fastbin_dup_into_stack': 'Tricking malloc into returning a nearly-arbitrary pointer by abusing the fastbin freelist.', 'overlapping_chunks': 'Exploit the overwrite of a freed chunk size in the unsorted bin in order to make a new allocation overlap with an existing chunk.'}