Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/billy-ellis/exploit-challenges

A collection of vulnerable ARM binaries for practicing exploit development
https://github.com/billy-ellis/exploit-challenges

Last synced: about 1 month ago
JSON representation

A collection of vulnerable ARM binaries for practicing exploit development

Awesome Lists containing this project

README

        

# Exploit-Challenges
Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!

These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with `radare2` or another debugging utility installed to test them.

### ARM 32-bit

`roplevel1` - simple introduction to Return Oriented Programming with a simple objective

`roplevel2` - same idea as level 1 but with a new objective

`roplevel3` - more advanced use of ROP

`roplevel4` - dealing with ASLR (infoleak)

`roplevel5` - same as lvl4 but requires exploitation of format string vuln for the info leak

`roplevel6` - execute ROP chain by making use of a stack pivot

`roplevel7` - off-by-one vulnerability

`heaplevel1` - simple heap based overflow example

`heaplevel2` - Use-After-Free exploit

`heaplevel3` - double free()

`Xylex` - real-world(ish) example system

### ARM 64-bit

`roplevel1-64` - 64-bit version of roplevel1

`roplevel6-64` - 64-bit version of roplevel6

## Help & Guidance

Write-ups/explanations on some of the binaries can be found on my YouTube channel [here](https://youtube.com/c/BillyEllis) or in my book [Beginner's Guide to Exploitation on ARM](http://zygosec.com/products.html).

If you have any questions or requests for future exploitation challenges, tweet me [@bellis1000](https://twitter.com/bellis1000)