Ma3k4H3d / AEG

Automatic heap exploit analysis based on angr

AEG

Feature

  • solve non-deterministic menu-type programs
  • detect and exploit the vulnerable heap models in how2heap
  • use a bounded model motivated by HeapHopper
  • merge and update scripts in Zerotool

Specify vulnerabilities to detect:

  • arbitrary write
  • allocations over already allocated memory
  • allocations over non-heap-memory
  • freeing of fake chunks

Input Source

  • input-type: STDIN
  • input-type: ARG
  • input-type: LIBPWNABLE

Usage and Test case

Buffer Overflow

Format String

Use After Free

  • check whether a freed chunk is written to (mem_write)
  • check whether a freed chunk is freed again (Double Free)

Heap Overflow (off-by-one null byte)

  • check whether an allocated chunk's header is overwritten

Heap Overlap

  • check whether allocated chunks overlap, using each chunk's addr and (header_size + size)

Free Fake Chunk

  • check whether free is called on a non-chunk address (non_chunk addr)
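
The checks listed above (write to a freed chunk, double free, chunk header overwrite, overlapping allocations, free of a non-chunk address) can be expressed as a small checker over a recorded heap-event trace. This is an added example, not code from the AEG repository: the event tuple format, the names `check_trace` and `TRACE`, and the 16-byte header size (64-bit glibc layout) are assumptions, and the trace is constructed.

```python
HDR = 16  # assumed chunk header size (prev_size + size on 64-bit glibc)

def overlaps(lo1, hi1, lo2, hi2):
    """True if half-open ranges [lo1, hi1) and [lo2, hi2) intersect."""
    return lo1 < hi2 and lo2 < hi1

def check_trace(events):
    """events: ('malloc', ptr, size) | ('free', ptr) | ('write', addr, length).
    ptr is the user pointer. Returns a list of (event_index, finding)."""
    live, freed, findings = {}, {}, []
    for i, ev in enumerate(events):
        op, addr = ev[0], ev[1]
        if op == "malloc":
            lo, hi = addr - HDR, addr + ev[2]
            # Heap Overlap: new chunk (header + data) intersects a live chunk
            if any(overlaps(lo, hi, a - HDR, a + s) for a, s in live.items()):
                findings.append((i, "heap_overlap"))
            # memory legitimately reused by this allocation is no longer "freed"
            freed = {a: s for a, s in freed.items()
                     if not overlaps(lo, hi, a - HDR, a + s)}
            live[addr] = ev[2]
        elif op == "free":
            if addr in freed:
                findings.append((i, "double_free"))
            elif addr not in live:
                findings.append((i, "free_fake_chunk"))
            else:
                freed[addr] = live.pop(addr)
        elif op == "write":
            lo, hi = addr, addr + ev[2]
            # Use After Free: write lands in the data of a freed chunk
            if any(overlaps(lo, hi, a, a + s) for a, s in freed.items()):
                findings.append((i, "uaf_write"))
            # Heap Overflow: write touches the header bytes of a live chunk
            if any(overlaps(lo, hi, a - HDR, a) for a in live):
                findings.append((i, "header_overwrite"))
    return findings

# Constructed trace: two adjacent 0x20-byte chunks A (0x1010) and B (0x1030)
TRACE = [
    ("malloc", 0x1010, 0x10), ("malloc", 0x1030, 0x10),
    ("write", 0x1010, 0x11),      # one byte past A, into B's header
    ("free", 0x1010), ("write", 0x1010, 8),   # write after free
    ("free", 0x1010),             # second free of A
    ("free", 0x7FFD0000),         # never returned by malloc
    ("malloc", 0x1038, 0x10),     # lands on top of live chunk B
]

if __name__ == "__main__":
    for idx, finding in check_trace(TRACE):
        print(idx, TRACE[idx], finding)
```

The model is deliberately simplified: it treats every chunk as header plus requested size and ignores glibc's sharing of the next chunk's prev_size field, so sizes in the trace are chosen to fill whole chunks.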

Arbitrary Relative Write

Single Bitflip

About

License: GNU General Public License v3.0

Languages

C 93.3%, C++ 5.1%, Python 1.1%, Makefile 0.2%, Java 0.2%, OpenEdge ABL 0.0%, Shell 0.0%, Assembly 0.0%, HTML 0.0%, Roff 0.0%