Open Fruerlund opened 1 year ago
@Fruerlund I'd like to look into this bug. Can you upload those binaries to this issue?
Also do you have the libc symbols installed? If not, you need to set the main_arena address using heap set-arena. Then gef should be able to recover the heap chunks. If you don't know the address you can try this
@Fruerlund Ping?
GEF+GDB version
Operating System
Linux 5.10.16.3-microsoft-standard-WSL2 #1 SMP Fri Apr 2 22:23:49 UTC 2021 x86_64 GNU/Linux
Describe the issue you encountered
Target binary:
Fusion VM:
Host VM:
During examination of heap chunks the heap commands work unexpectedly and don't recognize any allocated chunks.
Do you read the docs and look at previously closed issues/PRs for similar cases?
Yes
Architecture impacted
Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.
Provide a step-by-step to reproduce your issue.
REMOTE ENVIRONMENT (32 BIT):
1. Setup environment.
Fusion VM:
fusion@fusion:~$ sudo gdbserver :1234 --attach 1424
[sudo] password for fusion:
Attached; pid = 1424
Listening on port 1234
Host VM:
2. Interact with code
3. Examine heap
LOCAL ENVIRONMENT (32 BIT):
In this setup I've ported the source code, made the necessary code adjustments and compiled the source code on my host VM using a newer version of LIBC.
In this setup the binary is running locally on the host VM with the specifications shown earlier.
The same GDB setup is used, however skipping remote debug and attaching directly to the running binary using its PID. The interaction with the binary is identical to that of the remote.
Target binary:
LOCAL ENVIRONMENT (64 BIT)
Reproduce the previous setup steps for LOCAL ENVIRONMENT (32 BIT), instead targeting a 64-bit compiled version.
Target binary:
The same commands are sent and the heap output works as expected.
Minimalist test case
Use this field for a minimal code to compile and spot the issue:
You can also provide a Dockerfile if you prefer
Additional context?
Challenge found here: http://exploit.education/fusion/level05/
Image for fusion found here: http://exploit.education/downloads/