Practical Windows XP/2003 Heap Exploitation
The era of straightforward heap exploitation is now well behind us. Heap exploitation has steadily increased in difficulty since its genesis in Solar Designer's groundbreaking Bugtraq post in July of 2000. This trend towards increasingly complicated exploitation is primarily a result of the widespread implementation of technical heap counter-measures in modern systems software. The effort required to write reliable heap exploits has grown for other reasons as well: applications have become increasingly multi-threaded to take advantage of trends in hardware, and - in certain code - memory corruption vulnerabilities have become more nuanced and unique as a result of common, straightforward vulnerability patterns slowly but surely being audited out of existence.