Exploit-Challenges: collection of vulnerable ARM binaries for practicing exploit development


Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!

These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with radare2 or another debugging utility installed to test them.

ARM 32-bit

roplevel1 – simple introduction to Return Oriented Programming with a simple objective

roplevel2 – same idea as level 1 but with a new objective

roplevel3 – more advanced use of ROP

roplevel4 – dealing with ASLR (infoleak)

roplevel5 – same as lvl4 but requires exploitation of format string vuln for the info leak

roplevel6 – execute ROP chain by making use of a stack pivot

roplevel7 – off-by-one vulnerability

heaplevel1 – simple heap-based overflow example

heaplevel2 – Use-After-Free exploit

heaplevel3 – double free()

Xylex – real-world(ish) example system

ARM 64-bit

roplevel1-64 – 64-bit version of roplevel1

roplevel6-64 – 64-bit version of roplevel6

Help & Guidance

Write-ups/explanations on some of the binaries can be found on YouTube channels here and here.

If you have any questions or requests for future exploitation challenges, tweet me @bellis1000


Author @bellis1000