https://arzedlab.github.io/tags/unsafe-unlink/Recent content in Unsafe-Unlink on Arzedlab 🪵Hugoen-us© RavshanTue, 14 Jan 2025 00:00:00 +0000https://arzedlab.github.io/posts/unsafe-unlink-1483648c0bf48032a944dc2bc36b5207/Tue, 14 Jan 2025 00:00:00 +0000https://arzedlab.github.io/posts/unsafe-unlink-1483648c0bf48032a944dc2bc36b5207/<h1 id="unsafe-unlink">Unsafe Unlink</h1> <h1 id="introduction">Introduction</h1> <p>The &ldquo;Unsafe Unlink&rdquo; technique is a heap exploitation attack that was once quite common. It involves manipulating the unlink macro in <code>malloc.c</code> to remove a chunk from a bin. This attack exploits the pointer manipulation done in the unlink macro, which can lead to arbitrary code execution or other malicious activities.</p> <p>When we free allocated unsorted bin, it will be freed from a doubly linked list.</p> <p>A doubly linked list is a type of data structure that consists of a sequence of elements, where each element (or node) contains three parts:</p>