Description:

• Understand a Heap memory and ways malloc() uses them.
• Ways a Heap allocation can be exploited and gain a shell access.
• Debug the Heap corruption, writing a shellcode and investigate this with pwndbg (https://github.com/pwndbg/pwndbg) .
• pwndbg (/poʊndbæg/) is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.

Prerequisites:

A Ubuntu system with basic installations (gcc, gdb, vim etc), and a source code with pwndbg for demonstration.

Content URLs:

I am a member of Kernel security team in Red Hat, This presentation will mostly have security as a basic content. This will need a basic C language understanding.

Speaker Info:

Hello Everyone, My name is Rohit Keshri, works as Product Security Engineer in Kernel Space in Red Hat.

Speaker Links:

https://github.com/rohitkeshri