‘Bypassing Windows Heap Protections’


Nicolas Falliere posted an article explaining how to bypass Windows heap protections and to perform heap overflow in general. In this article Nicolas presents a new way to exploit heap-based buffer overflows..’


‘The information has been provided by Nicolas Falliere.
The original article can be found at: http://www.packetstormsecurity.com/papers/bypass/bypassing-win-heap-protections.pdf


”Basically, one can use critical section related linking structures stored on the process’s default heap to produce a n*4-byte overwrite. Gaining control is another problem, only memory overwrite is discussed in the paper…’
The complete whitepaper can be downloaded from: http://www.packetstormsecurity.com/papers/bypass/bypassing-win-heap-protections.pdf

Related articles:
Defeating Microsoft Windows XP SP2 Heap Protection and DEP Bypass

Categories: Reviews