Extendable Visualization & Exploitation tool for glibc heap.
vHeap is a python/js project aimed at visualizing the glibc heap memory at runtime during your debugging sessions to make your life easier ✨.
The heap memory is one of those things that are much easier to work with and learn when visualized. Most security researchers/ctf players end up sketching the heap memory to exploit it.
This vHeap version is built to work with pwndbg on GDB.
Clone and install pwndbg then
git clone https://github.com/wes4m/vheap.git
cd vheap
./setup.sh PWNDBG_PATH
To start serving; from within your GDB session vHeap shows you everything in the webbrowser.
vhserv localhost 1337
vhstop
to stop the server.
To update the heap state.
vhstate
A cool trick instead of updating manually is to define a GDB hook-stop to update with each step.
define hook-stop
`vhstate
end
vHeap can be easily modified to work with other debuggers and any other form of input methods. It is also built while keeping in mind extendability and adding custom functionalities; More atEXTENDING DOCS.
vHeap to do tasks:
- Selecting different arenas.
- Better overlap detection.
- Making docs.
- ?? ..
Contributions are appreciated 💛.