Bypassing Windows Heap Protections

Summary

Nicolas Falliere posted an article explaining how to bypass Windows heap protections and how to perform heap overflows in general. In this article, Nicolas presents a new way to exploit heap-based buffer overflows.

Credit:

The information has been provided by Nicolas Falliere.
The original article can be found at: http://www.packetstormsecurity.com/papers/bypass/bypassing-win-heap-protections.pdf


Details

"Basically, one can use critical section related linking structures stored on the process's default heap to produce an n*4-byte overwrite. Gaining control is another problem, only memory overwrite is discussed in the paper…"
The complete whitepaper can be downloaded from: http://www.packetstormsecurity.com/papers/bypass/bypassing-win-heap-protections.pdf

Related articles:
Defeating Microsoft Windows XP SP2 Heap Protection and DEP Bypass
