Skip to content

A collection of vulnerable ARM binaries for practicing exploit development

Notifications You must be signed in to change notification settings

unmeg/Exploit-Challenges

 
 

Repository files navigation

Exploit-Challenges

Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!

These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with radare2 or another debugging utility installed to test them.

ARM 32-bit

roplevel1 - simple introduction to Return Oriented Programming with a simple objective

roplevel2 - same idea as level 1 but with a new objective

roplevel3 - more advanced use of ROP

roplevel4 - dealing with ASLR (infoleak)

roplevel5 - same as lvl4 but requires exploitation of format string vuln for the info leak

roplevel6 - execute ROP chain by making use of a stack pivot

roplevel7 - off-by-one vulnerability

heaplevel1 - simple heap based overflow example

heaplevel2 - Use-After-Free exploit

heaplevel3 - double free()

Xylex - real-world(ish) example system

ARM 64-bit

roplevel1-64 - 64-bit version of roplevel1

roplevel6-64 - 64-bit version of roplevel6

Help & Guidance

Write-ups/explanations on some of the binaries can be found on my YouTube channel here or in my book Beginner's Guide to Exploitation on ARM.

If you have any questions or requests for future exploitation challenges, tweet me @bellis1000

About

A collection of vulnerable ARM binaries for practicing exploit development

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 100.0%