Heap feng shui
In computer security, heap feng shui (also known as heap grooming{{cite web|url=https://googleprojectzero.blogspot.com/2015/06/what-is-good-memory-corruption.html|title=What is a "good" memory corruption vulnerability?|publisher=Google Project Zero|date=June 26, 2015|accessdate=2020-11-11}}) is a technique used in exploits to facilitate arbitrary code execution.{{cite web|url=http://blog.trendmicro.com/heaps-and-bounds/|title=Heaps and Bounds|publisher=Trend Micro|date=September 3, 2007|accessdate=2009-08-10|archive-date=2011-07-17|archive-url=https://web.archive.org/web/20110717100939/http://blog.trendmicro.com/heaps-and-bounds/|url-status=dead}} The technique attempts to manipulate the layout of the heap by making heap allocations of carefully selected sizes. It is named after feng shui, an ancient Chinese system of aesthetics that involves the selection of precise alignments in space.
Operation
The term is general and can describe a variety of techniques for bypassing heap protection strategies. The paper often credited with naming the technique, "Heap Feng Shui in JavaScript",{{cite web |title=Heap Feng Shui in Javascript |url=https://www.blackhat.com/presentations/bh-europe-07/Sotirov/Presentation/bh-eu-07-sotirov-apr19.pdf |website=BlackHat |publisher=Black Hat Europe |accessdate=11 October 2018}} used it to refer to an exploit in which a dangling pointer was aligned with a portion of an attacker-controlled chunk. However, the term has also been used in capture-the-flag events to describe attacks that exploit characteristics of heap layout, such as the spacing between chunks.{{cite web |last1=Keith |first1=Bruno |title=Baby Feng Shui |website=GitHub |url=https://github.com/bkth/babyfengshui |accessdate=19 June 2018}}
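The following added example (not taken from the article's sources or from any real allocator) models a single size class as a toy allocator to show why predictable slot reuse lets a dangling reference line up with a newly allocated chunk, and how delaying reuse with a quarantine breaks that alignment. The names <code>toy_alloc</code>, <code>toy_free</code> and <code>stale_ref_aliases</code>, the arena size and the quarantine depth are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SLOTS 8   /* constructed toy arena: 8 equal-size chunks */
#define QMAX  4   /* largest quarantine depth this model supports */

/* Toy model of one allocator size class (hypothetical, not a real allocator). */
struct heap {
    int free_stack[SLOTS]; int top;   /* LIFO free list, like a per-size bin */
    int quar[QMAX]; int qlen, qcap;   /* FIFO quarantine; qcap 0 = disabled */
};

static void heap_init(struct heap *h, int qcap) {
    memset(h, 0, sizeof *h);
    h->qcap = qcap;
    for (int i = SLOTS - 1; i >= 0; i--) h->free_stack[h->top++] = i; /* slot 0 on top */
}

static int toy_alloc(struct heap *h) {
    return h->top ? h->free_stack[--h->top] : -1;   /* -1 = arena exhausted */
}

static void toy_free(struct heap *h, int slot) {
    if (h->qcap == 0) { h->free_stack[h->top++] = slot; return; } /* immediate reuse */
    if (h->qlen == h->qcap) {          /* quarantine full: release the oldest slot */
        h->free_stack[h->top++] = h->quar[0];
        memmove(h->quar, h->quar + 1, (size_t)(--h->qlen) * sizeof h->quar[0]);
    }
    h->quar[h->qlen++] = slot;
}

/* Returns 1 if the first allocation after a free lands on the freed slot,
   i.e. a stale (dangling) reference would alias the new object. */
int stale_ref_aliases(int qcap) {
    struct heap h;
    heap_init(&h, qcap);
    toy_alloc(&h);                     /* neighbour before */
    int stale = toy_alloc(&h);         /* the program keeps this reference ... */
    toy_alloc(&h);                     /* neighbour after */
    toy_free(&h, stale);               /* ... after freeing the slot */
    return toy_alloc(&h) == stale;
}

int main(void) {
    printf("no quarantine: aliases=%d\n", stale_ref_aliases(0));
    printf("quarantine(2): aliases=%d\n", stale_ref_aliases(2));
    return 0;
}
```

With immediate LIFO reuse the stale reference and the new allocation share a slot; with the quarantine enabled the new allocation is placed elsewhere, which is the effect that delayed-reuse heap hardening relies on.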
References
{{reflist}}
External links
- [http://www.phreedom.org/research/heap-feng-shui/heap-feng-shui.html Heap Feng Shui in JavaScript] - Whitepaper by Alexander Sotirov
- [https://www.blackhat.com/presentations/bh-europe-07/Sotirov/Presentation/bh-eu-07-sotirov-apr19.pdf Heap Feng Shui in JavaScript] - Slides of the BlackHat presentation on this subject.