Black-Frost

@BlackFrost

Joined on Sep 15, 2022

  • Basic terms
    Basic terms for beginners, explaining how blockchain works, etc.: https://ethereum.org/en/developers/docs/intro-to-ethereum/
    Account: https://ethereum.org/en/developers/docs/accounts/
    An Ethereum account is an entity with an ether (ETH) balance that can send transactions on Ethereum. Accounts can be user-controlled or deployed as smart contracts.
    Transaction: https://ethereum.org/en/developers/docs/evm/#transactions
  • Web: Login!
    A simple login page; our target is to log in as user.
      const user = USER_DB[username];
      if (user && user.password == password) {
        if (username === 'guest') {
          res.send('Welcome, guest. You do not have permission to view the flag');
        } else {
          res.send(`Welcome, ${username}. Here is your flag: ${FLAG}`);
  • Great articles:
    https://azeria-labs.com/heap-exploitation-part-1-understanding-the-glibc-heap-implementation/
    https://heap-exploitation.dhavalkapil.com/diving_into_glibc_heap/bins_chunks
    https://0x434b.dev/overview-of-glibc-heap-exploitation-techniques/#basics
    Allocation strategy:
    When calling malloc (and similar functions), the returned buffer on the heap is called a chunk.
    On 32-bit, chunks are 8-byte aligned.
    On 64-bit, chunks are 16-byte aligned: if the request size is n on 64-bit, then the real chunk size is (n + 8 + 15) & ~15
  • Mainly from Windows Internals, 7th edition
    Memory management:
    Paged pool vs non-paged pool: https://docs.microsoft.com/en-us/windows/win32/memory/memory-pools
    The nonpaged pool consists of virtual memory addresses that are guaranteed to reside in physical memory as long as the corresponding kernel objects are allocated. The paged pool consists of virtual memory that can be paged in and out of the system.
    A page can be locked, meaning that it is guaranteed to stay in memory. Some functions to do that: VirtualLock (for applications), MmProbeAndLockPages, MmLockPagableCodeSection, MmLockPagableDataSection (for device drivers).
    Reserving and committing pages: