Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills!
These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with
radare2 or another debugging utility installed to test them.
roplevel1 - simple introduction to Return Oriented Programming with a simple objective
roplevel2 - same idea as level 1 but with a new objective
roplevel3 - more advanced use of ROP
roplevel4 - dealing with ASLR (infoleak)
roplevel5 - same as lvl4 but requires exploitation of format string vuln for the info leak
roplevel6 - execute ROP chain by making use of a stack pivot
heaplevel1 - simple heap based overflow example
heaplevel2 - Use-After-Free exploit
Xylex - real-world(ish) example system
roplevel1-64 - 64-bit version of roplevel1
roplevel6-64 - 64-bit version of roplevel6
Help & Guidance
If you have any questions or requests for future exploitation challenges, tweet me @bellis1000