Skip to content

Latest commit

 

History

History
40 lines (21 loc) · 1.45 KB

README.md

File metadata and controls

40 lines (21 loc) · 1.45 KB

Exploit-Challenges

Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!

These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with radare2 or another debugging utility installed to test them.

ARM 32-bit

roplevel1 - simple introduction to Return Oriented Programming with a simple objective

roplevel2 - same idea as level 1 but with a new objective

roplevel3 - more advanced use of ROP

roplevel4 - dealing with ASLR (infoleak)

roplevel5 - same as lvl4 but requires exploitation of format string vuln for the info leak

roplevel6 - execute ROP chain by making use of a stack pivot

roplevel7 - off-by-one vulnerability

heaplevel1 - simple heap based overflow example

heaplevel2 - Use-After-Free exploit

heaplevel3 - double free()

Xylex - real-world(ish) example system

ARM 64-bit

roplevel1-64 - 64-bit version of roplevel1

roplevel6-64 - 64-bit version of roplevel6

Help & Guidance

Write-ups/explanations on some of the binaries can be found on my YouTube channel here or in my book Beginner's Guide to Exploitation on ARM.

If you have any questions or requests for future exploitation challenges, tweet me @bellis1000