Show HN: Heap Explorer (github.com/heap-exploitation)
73 points by bkallus 11 months ago | hide | past | favorite | 5 comments
I wrote a little LD_PRELOAD library that makes it easy to inspect and interact with a running program's glibc heap.

It's fun to pause processes, free a bunch of their allocations, then resume them. Most of the time, the processes continue as though nothing happened, but sometimes they do interesting things :)



Would be nice to mention how to determine those *_OFFSET constants. For reference, on my Linux Mint (glibc 2.39) system this gives them:

    gdb /lib/x86_64-linux-gnu/libc.so.6 -ex 'p &main_arena' -ex 'p malloc'
Also, can attach to an existing process via:

    sudo gdb -p <PID_OF_PROCESS> -ex 'call (void*) dlopen("/path/to/libheap_explorer.so", 2)' -ex 'p explore_heap()'
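As an added example (not part of Heap Explorer or the comment above), the offset of an exported libc symbol can also be read out of a live process with dlsym/dladdr instead of gdb; it assumes a dynamically linked glibc-style process, and it also shows why main_arena, which is a static symbol and not in libc's dynamic symbol table, still needs the gdb route with debug symbols.

```c
#define _GNU_SOURCE
#include <dlfcn.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Resolve an exported symbol in this process and fill `info` with the
 * load base (dli_fbase) and path (dli_fname) of the object defining it.
 * Returns NULL if the symbol is not exported or dladdr cannot map it. */
static void *locate(const char *name, Dl_info *info) {
    void *addr = dlsym(RTLD_DEFAULT, name);
    if (addr == NULL || dladdr(addr, info) == 0 || info->dli_fbase == NULL)
        return NULL;
    return addr;
}

/* Offset of `name` from the load base of the shared object that defines it.
 * A shared object is linked at base 0, so for libc this matches what
 * `gdb libc.so.6 -ex 'p malloc'` prints. Returns 0 when the symbol is not
 * in the dynamic symbol table: main_arena is `static` in malloc.c, so it
 * is only visible to gdb through .symtab/debug info, not to dlsym. */
uintptr_t symbol_offset(const char *name) {
    Dl_info info;
    void *addr = locate(name, &info);
    return addr ? (uintptr_t)addr - (uintptr_t)info.dli_fbase : 0;
}

/* Path of the object that defines `name`, i.e. the file to hand to gdb. */
const char *defining_object(const char *name) {
    static Dl_info info;
    return locate(name, &info) ? info.dli_fname : NULL;
}

int main(void) {
    const char *names[] = {"malloc", "free", "main_arena"};
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        uintptr_t off = symbol_offset(names[i]);
        if (off)
            printf("%-10s 0x%" PRIxPTR " in %s\n", names[i], off,
                   defining_object(names[i]));
        else
            printf("%-10s not exported; use gdb with debug symbols\n",
                   names[i]);
    }
    return 0;
}
```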


If you are using a Mac, heapster is a different but also interesting tool for learning about what goes on inside the heap.

https://blackwinghq.com/blog/posts/playing-with-libmalloc/


Can you modify this to listen to a signal (e.g. SIGUSR) instead, for triggering the REPL?


I went with SIGINT because it's more fun to press ctrl-c than to pgrep and kill. If you'd rather use SIGUSR1, just change SIGINT to SIGUSR1 on line 654.


OK. RTFM. You already did! Wonderful.



