
ARM Exploitation: Return Oriented Programming (0x64 ∧ 0x6d) ∨ 0x69
Creating ROP Chains to Bypass Data Execution Prevention
Exploring Simple Stack Overflow Vulnerabilities with ROP
This series focuses on exploiting simple stack overflow vulnerabilities by using return oriented programming (ROP) techniques to bypass data execution prevention (DEP).
There are three posts in this series.
The posts became quite detailed, and there is a lot of information to comprehend.
If you notice any omissions, bugs (whether in language, grammar, etc.), have suggestions for improvements, or have any questions, please feel free to reach out to me via Twitter or through the contact page.
I am more than happy to answer your questions and include any improvements in this post.
Latest Update of this series: 03.12.2018
Changelog 03.12.2018: A working, prebuilt environment has been added to simplify the process of getting started.
13.10.2018: Updated the "Setup & Tools" section with instructions on how to initialize the Archlinux ARM keyring and commands for installing the required packages.
Additionally, a command line switch was included to disable GCC stack canaries.
07.09.2018: A note was added regarding the successful setup of the bridge interface using QEMU (in the first part).
Part 1: ARM Exploitation - Setup and Tools
In the first part, I describe the setup I used, which consists of a set of scripts to build a QEMU-based ArchLinux ARM environment along with a vulnerable HTTP daemon.
Requirements: