Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/billy-ellis/exploit-challenges
A collection of vulnerable ARM binaries for practicing exploit development
https://github.com/billy-ellis/exploit-challenges
Last synced: about 1 month ago
JSON representation
A collection of vulnerable ARM binaries for practicing exploit development
- Host: GitHub
- URL: https://github.com/billy-ellis/exploit-challenges
- Owner: Billy-Ellis
- Created: 2017-02-21T21:23:18.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2021-11-15T20:10:07.000Z (about 3 years ago)
- Last Synced: 2024-10-25T02:25:30.877Z (about 2 months ago)
- Language: C
- Size: 23.7 MB
- Stars: 894
- Watchers: 62
- Forks: 169
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-security-collection - **675**星
README
# Exploit-Challenges
Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with `radare2` or another debugging utility installed to test them.
### ARM 32-bit
`roplevel1` - simple introduction to Return Oriented Programming with a simple objective
`roplevel2` - same idea as level 1 but with a new objective
`roplevel3` - more advanced use of ROP
`roplevel4` - dealing with ASLR (infoleak)
`roplevel5` - same as lvl4 but requires exploitation of format string vuln for the info leak
`roplevel6` - execute ROP chain by making use of a stack pivot
`roplevel7` - off-by-one vulnerability
`heaplevel1` - simple heap based overflow example
`heaplevel2` - Use-After-Free exploit
`heaplevel3` - double free()
`Xylex` - real-world(ish) example system
### ARM 64-bit
`roplevel1-64` - 64-bit version of roplevel1
`roplevel6-64` - 64-bit version of roplevel6
## Help & Guidance
Write-ups/explanations on some of the binaries can be found on my YouTube channel [here](https://youtube.com/c/BillyEllis) or in my book [Beginner's Guide to Exploitation on ARM](http://zygosec.com/products.html).
If you have any questions or requests for future exploitation challenges, tweet me [@bellis1000](https://twitter.com/bellis1000)