Releases: thomasdullien/heap_history_viewer
With file dialog and highlighting
This minor update adds three things:
- A bunch of bug / crash fixes
- A simple file dialog that prompts users when launching the app to choose a JSON file
- The ability to highlight blocks of a certain size
Initial release
A very early release version, now with pre-built binaries to make using it easier.
Example:
./Heap_History_Viewer-x86_64.AppImage ./Desktop/wpad/heap_trace_full_exploit_right_addresses.json
This should pop up an OpenGL window with a rendering of the run of the entire exploit.
Quick instructions:
CTRL - mousewheel: Zoom to the cursor
CTRL - SHIFT - mousewheel: Squash / stretch the X axis (more time / less time, keep Y constant)
Click on block: Display size, address, and allocation tags of the block in status bar
Click on vertical line: Display label for the event (vertical line) in the status bar
You can feed it easily with your own data, too -- the input file is a JSON array of the form:
[{ "type" : "alloc", "tag" : "RtlAllocateHeap", "size" : 36, "address" : 2238563136752},
{ "type" : "alloc", "tag" : "RtlAllocateHeap", "size" : 12, "address" : 2238563136944},
{ "type" : "event", "tag" : "begin freeing" },
{ "type" : "free", "tag" : "RtlFreeHeap", "address" : 2238563136944},
{ "type" : "free", "tag" : "RtlFreeHeap", "address" : 2238563136752},
{ "type" : "address", "tag" : "interesting address", "address" : 2238563136752}]
Grey blocks are blocks that are "freed" before the end of the JSON, green are blocks that are still alive by the time the JSON ends.