Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/billy-ellis/exploit-challenges

A collection of vulnerable ARM binaries for practicing exploit development
https://github.com/billy-ellis/exploit-challenges

Last synced: 8 days ago
JSON representation

A collection of vulnerable ARM binaries for practicing exploit development

Awesome Lists containing this project

README 

        
# Exploit-Challenges

Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills! 



These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with `radare2` or another debugging utility installed to test them.



### ARM 32-bit



`roplevel1` - simple introduction to Return Oriented Programming with a simple objective



`roplevel2` - same idea as level 1 but with a new objective



`roplevel3` - more advanced use of ROP



`roplevel4` - dealing with ASLR (infoleak)



`roplevel5` - same as lvl4 but requires exploitation of format string vuln for the info leak



`roplevel6` - execute ROP chain by making use of a stack pivot



`roplevel7` - off-by-one vulnerability



`heaplevel1` - simple heap based overflow example



`heaplevel2` - Use-After-Free exploit



`heaplevel3` - double free()



`Xylex` - real-world(ish) example system



### ARM 64-bit



`roplevel1-64` - 64-bit version of roplevel1



`roplevel6-64` - 64-bit version of roplevel6



## Help & Guidance



Write-ups/explanations on some of the binaries can be found on my YouTube channel [here](https://youtube.com/c/BillyEllis) or in my book [Beginner's Guide to Exploitation on ARM](http://zygosec.com/products.html).



If you have any questions or requests for future exploitation challenges, tweet me [@bellis1000](https://twitter.com/bellis1000)