Billy-Ellis/Exploit-Challenges Billy-Ellis/Exploit-Challenges

  • Stars
    star
    888
  • Rank 51,399 (Top 2 %)
  • Language
    C
  • Created almost 8 years ago
  • Updated about 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
Billy-Ellis/Exploit-Challenges
github

Billy-Ellis

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A collection of vulnerable ARM binaries for practicing exploit development

Exploit-Challenges

Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!

These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with radare2 or another debugging utility installed to test them.

ARM 32-bit

roplevel1 - simple introduction to Return Oriented Programming with a simple objective

roplevel2 - same idea as level 1 but with a new objective

roplevel3 - more advanced use of ROP

roplevel4 - dealing with ASLR (infoleak)

roplevel5 - same as lvl4 but requires exploitation of format string vuln for the info leak

roplevel6 - execute ROP chain by making use of a stack pivot

roplevel7 - off-by-one vulnerability

heaplevel1 - simple heap based overflow example

heaplevel2 - Use-After-Free exploit

heaplevel3 - double free()

Xylex - real-world(ish) example system

ARM 64-bit

roplevel1-64 - 64-bit version of roplevel1

roplevel6-64 - 64-bit version of roplevel6

Help & Guidance

Write-ups/explanations on some of the binaries can be found on my YouTube channel here or in my book Beginner's Guide to Exploitation on ARM.

If you have any questions or requests for future exploitation challenges, tweet me @bellis1000

More Repositories

1

framebuffer_write

A tool to write text to the iOS screen by directly modifying the pixel information in the framebuffer
C
88
star
2

iOS-File-Explorer

No-jailbreak file explorer application for iOS
Objective-C
44
star
3

Lyla-Debugger

Bare-bones iOS debugger written in C
C
41
star
4

aslr-kernel-patch

Tool to patch the ASLR slide generation in the kernel to disable user-land ASLR on 32-bit iOS
C
31
star
5

BlurryLaunch

Cydia substrate tweak that adds colourful blur animations on app launching (supporting iOS 8.0 - 11.1.2)
Logos
16
star
6

kobject

A tool to pull C++ object names from kernel memory
C
16
star
7

Jailbreak-Detection-in-iOS-App

Very simple example of how to detect if the device is jailbroken. This is not the most efficient way but it will work in most cases.
Objective-C
15
star
8

Enter-kDFU-iOS-App

A springboard icon that when clicked, puts your device into kDFU mode.
Shell
13
star
9

BubbleSort-ARM64

Implementation of the BubbleSort algorithm written from scratch in ARM64 assembly
Assembly
10
star
10

FlappyBird-NeuralNet

My A-level computer science project from 2017-2018, a neural network that learns to play Flappy Bird
Objective-C
8
star
11

SceneKit-Glass-Box

Glass cube in SceneKit
Objective-C++
7
star
12

NanoChargingView

Check out the tweak on Cydia
Logos
5
star
13

iOS-System-Actions

Simple app demonstrating how to execute system (mobile user) commands in an iOS app
Objective-C++
5
star
14

Billy-Ellis.github.io

blog
CSS
4
star
15

SceneKit-Testing

Simple SceneKit testing app that allows you to play with the properties of an SCNBox
Objective-C
3
star
16

UIDevice-Example

Example demonstrating how to read iOS hardware & software information in an iOS app using the UIDevice class
Objective-C++
3
star
17

game-of-life-ios

Implementation of Conway's "Game of Life" in Swift https://en.wikipedia.org/wiki/Conway%27s_Game_of_Life
Swift
1
star
18

iOS-Device-Manager-Beta-Builds

1
star