Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add glibc 2.24 io file bypass #98

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

add glibc 2.24 io file bypass #98

wants to merge 1 commit into from

Conversation

WinMin
Copy link

@WinMin WinMin commented Mar 20, 2019

No description provided.

@mdulin2
Copy link
Contributor

mdulin2 commented May 13, 2020

Is there a reason this has not been addressed? I thought the inclusion of a bypass of the patch would be useful.

@Kyle-Kyle
Copy link
Contributor

@mdulin2 This is not addressed because it is actually a file io exploitation technique. Although attackers often abuse file io after heap exploit, personally, I'm not sure whether it belongs to this repo.

@mdulin2
Copy link
Contributor

mdulin2 commented May 20, 2020
edited
Loading

Yeah, I see your point; the lines kind of blurry on what's a new heap exploitation technique I feel like. I do think it would be nice if the House of Orange Technique would work in versions after 2.23 though.

Maybe add a link to this PR inside of the house_of_orange.c to show that there is a way to make this technique work in versions after 2.23 but not add this to the repo directly? I still think this is useful to have around in some capacity.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@WinMin @mdulin2 @Kyle-Kyle