TL;DR Ready-to-play Qemu images for under-rated architectures (ARM, MIPS, PowerPC, SPARC, AARCH64), with all the tools built in to understand memory corruption on non-x86 environments, here.
Become a ninja on non-x86 architectures!
A few weeks back, I came across @Fox0x01’s awesome tutorial to get started with learning debugging and exploitation techniques on ARM. If you haven’t checked it out, make sure you add it to your to-read list.
I have been initially developing
the same reason, to learn more about non-x86 architectures. So in the same
spirit of openness that Azeria has shown, I am releasing a few Qemu virtual
machines to start immediately playing with ARM, MIPS, PowerPC and AARCH64
All you need is Qemu. Then download the link to your image, and unzip the archive.
If you are on Linux/OSX, run in a terminal (or double-click) the
script, while our Windows friends would simply need to double-click the
Each VM will also TCP forward its SSH port for easy interaction. On Linux/OSX, just
./ssh.sh. Windows users will need tools like
Those images come batteries-included, with development, compilation and debugging tools too. Ever wondered what SPARC assembly looks like? Always feeling itchy to learn about memory corruption on PowerPC? Wait no more!
Without further ado:
Unless stated otherwise, the root password is root, and a low-privilege account named user is created.
Update: the current ARMv6 image is based on a Raspberry Pi image. Therefore, the username is
raspberry and is sudoer NOPASSWD. I will update the image soon to fix this.
But why?
Fantastic existing projects such as Vagrant for Linux/*nix and modern.ie for Windows help us quickly get functional environments we can use in labs. But they only provide Intel-based images.
The closest thing to what I wanted when I started exploring exotic architectures was aurel32’s Qemu pages, which provide great Qemu images. Unfortunately, they use extremely old kernels and/or Linux distributions, making it too hard for a quick plug-n-play experience.
Interestingly, when developing
gef, I talked with many people interested in
learning about non-x86 archs who felt like they didn’t know where to
start. So my hope is that those images will be the start to a lot of
All the VMs come with 2 compiled ELF binaries: a very simple
to start easy with the new architecture, run it, start
gdb-ing around it to understand the architecture basics (memory layout, function call convention, GOT+PLT, stack canary, etc.) and simple-bof, which is a simple stack overflow ELF to start on the way to understanding memory corruption.
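Before gdb-ing into a binary on an unfamiliar architecture, it helps to know which architecture, endianness and mitigations you are looking at. The script below is an added example (not part of the original post or of the VMs): it reads the ELF header and program headers to report them. The function names are hypothetical and the sample header is constructed.

```python
import struct

# Added example; inspect_elf and sample_elf32_be are hypothetical names.
# e_machine values from the ELF specification, limited to the architectures named in the post
MACHINES = {2: "SPARC", 8: "MIPS", 20: "PowerPC", 40: "ARM", 183: "AARCH64"}
ET_DYN, PT_GNU_STACK, PF_X = 3, 0x6474E551, 0x1

def inspect_elf(data):
    """Report architecture and basic memory-corruption mitigations of an ELF image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                    # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"     # EI_DATA: 1 = little-endian, 2 = big-endian
    e_type, e_machine = struct.unpack_from(end + "HH", data, 16)
    if is64:   # ELF64 header: e_phoff at 32, e_phentsize/e_phnum at 54
        (phoff,) = struct.unpack_from(end + "Q", data, 32)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 54)
    else:      # ELF32 header: e_phoff at 28, e_phentsize/e_phnum at 42
        (phoff,) = struct.unpack_from(end + "I", data, 28)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 42)
    nx = None                              # None: no PT_GNU_STACK header present
    for i in range(phnum):
        off = phoff + i * phentsize
        (p_type,) = struct.unpack_from(end + "I", data, off)
        if p_type == PT_GNU_STACK:
            # p_flags sits at offset 4 in Elf64_Phdr but offset 24 in Elf32_Phdr
            (flags,) = struct.unpack_from(end + "I", data, off + (4 if is64 else 24))
            nx = not flags & PF_X
    return {
        "arch": MACHINES.get(e_machine, "unknown (%d)" % e_machine),
        "bits": 64 if is64 else 32,
        "endian": "little" if end == "<" else "big",
        "pie": e_type == ET_DYN,           # ET_DYN is also used by shared objects
        "nx_stack": nx,
        # Heuristic: the compiler's canary failure handler is referenced by name
        "canary": b"__stack_chk_fail" in data,
    }

def sample_elf32_be(machine, stack_flags):
    """Constructed input: minimal big-endian ELF32 header plus one PT_GNU_STACK entry."""
    ident = b"\x7fELF" + bytes([1, 2, 1]) + bytes(9)
    ehdr = ident + struct.pack(">HHIIIIIHHHHHH", 2, machine, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack(">IIIIIIII", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 16)
    return ehdr + phdr

if __name__ == "__main__":
    print(inspect_elf(sample_elf32_be(8, 0x7)))   # MIPS with an RWX stack
```

To inspect a real binary inside one of the VMs, pass the file's bytes, for example `inspect_elf(open(path, "rb").read())`.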
But I just wanna play with assembly…
So take a look at this.
Ok so what’s next?
Well, those VMs were built from scratch using Qemu, which takes forever. I will add some more VMs for other archs soon (MIPS64, S390x, etc.), but if you like them, simply drop me a line on Twitter to keep me boosted.
Hope you’ll enjoy it!
Oh and if you happen to be wandering in Black Hat Las Vegas 2017, come say hi at the Black Hat Arsenal booth