arbitrary-write-to-rce
CommunityTurn arbitrary write into reliable code execution
Software Engineering#glibc#arbitrary write#rce exploitation#pointer mangling#io_file vtable#tls dtors#gadget pivot
AuthorlNwNl
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This skill helps convert an arbitrary write memory primitive into working code execution against modern Linux/glibc targets, even when common hook-based techniques are removed.
Core Features & Use Cases
- Target selection by glibc version: Chooses appropriate execution targets across GOT overwrites, legacy hooks, and post-2.34 destructor paths.
- Multiple RCE overwrite routes: Covers GOT, __exit_funcs, TLS_dtor_list, _dl_fini/link_map corruption, .fini_array, _IO_FILE vtable (FSOP), C++ vtables, and setcontext pivot chains.
- Practical constraints guidance: Includes required knowledge for each target (e.g., libc/ld.so bases, pointer guard handling, heap address needs) and how to proceed when hooks are unavailable.
Quick Start
Ask the AI to map your arbitrary write primitive, known leaks (libc/ld.so/pointer guard), and binary/protection state to the best execution target and provide an exploitation plan.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: arbitrary-write-to-rce Download link: https://github.com/lNwNl/Methodos/archive/main.zip#arbitrary-write-to-rce Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.