Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
As the name implies, this vulnerability occurs when a program stores some space in the heap for an object, writes some info there, frees it apparently because it's not needed anymore and then accesses it again.
The problem here is that it's not ilegal (there won't be errors) when a freed memory is accessed. So, if the program (or the attacker) managed to allocate the freed memory and store arbitrary data, when the freed memory is accessed from the initial pointer that data would be have been overwritten causing a vulnerability that will depends on the sensitivity of the data that was stored original (if it was a pointer of a function that was going to be be called, an attacker could know control it).
A first fit attack targets the way some memory allocators, like in glibc, manage freed memory. When you free a block of memory, it gets added to a list, and new memory requests pull from that list from the end. Attackers can use this behavior to manipulate which memory blocks get reused, potentially gaining control over them. This can lead to "use-after-free" issues, where an attacker could change the contents of memory that gets reallocated, creating a security risk.
Check more info in:
{% content-ref url="first-fit.md" %} first-fit.md {% endcontent-ref %}
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.