Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!
These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with radare2
or another debugging utility installed to test them.
roplevel1
- simple introduction to Return Oriented Programming with a simple objective
roplevel2
- same idea as level 1 but with a new objective
roplevel3
- more advanced use of ROP
roplevel4
- dealing with ASLR (infoleak)
roplevel5
- same as lvl4 but requires exploitation of format string vuln for the info leak
roplevel6
- execute ROP chain by making use of a stack pivot
roplevel7
- off-by-one vulnerability
heaplevel1
- simple heap based overflow example
heaplevel2
- Use-After-Free exploit
heaplevel3
- double free()
Xylex
- real-world(ish) example system
roplevel1-64
- 64-bit version of roplevel1
roplevel6-64
- 64-bit version of roplevel6
Write-ups/explanations on some of the binaries can be found on my YouTube channel here or in my book Beginner's Guide to Exploitation on ARM.
If you have any questions or requests for future exploitation challenges, tweet me @bellis1000