Abstract
Memory corruption vulnerabilities in binary executables represent a serious threat to software security, particularly in embedded and IoT (Internet of Things) devices that commonly use the MIPS architecture. While exploit development techniques for x86 are well-documented in academic literature, little systematic work exists on how those techniques translate to other architectures such as MIPS. This research addresses that gap by evaluating thirteen stack-based exploit development techniques and subtechniques, originally designed in the context of the x86 architecture, for their applicability to MIPS architectures. For each technique, vulnerable C code was written and compiled into both x86 and a set of 36 MIPS variants covering multiple ABIs (Application Binary Interfaces), releases, endianness configurations, and PIE (Position-Independent Executable) and static compilation settings. Proof-of-concept exploit code was developed for each variant, and each technique was classified as Fully Applicable, May Be Applicable With MIPS-Specific Adaptations, or Not Applicable. Of the thirteen techniques evaluated, most were found to be applicable to MIPS with varying degrees of MIPS-specific knowledge required. Three techniques or subtechniques were found to be not applicable within the scope of this research, with the root causes traced to MIPS leaf function behavior, MIPS stub mechanics, and the interaction between full RELRO (Relocation Read-Only) and the lazy binding resolution mechanism. The most pervasive source of MIPS-specific adaptation was the $gp register initialization behavior in function prologues, which affects any technique that redirects execution to a function in a different memory segment.
These findings suggest that an exploit developer familiar with stack-based exploitation on x86 can transfer the majority of their knowledge to MIPS, provided they develop familiarity with MIPS-specific calling conventions, ABI-defined register saving behavior, and the $gp initialization sequence in MIPS function prologues. All proof-of-concept executables and exploit code are open-sourced to support reproducibility and future research.
Degree
MS
College and Department
Ira A. Fulton College of Engineering; Electrical and Computer Engineering
Rights
https://lib.byu.edu/about/copyright/
BYU ScholarsArchive Citation
Applegate, Justin, "Stack-Based Exploit Development Techniques in MIPS Architectures" (2026). Theses and Dissertations. 11195.
https://scholarsarchive.byu.edu/etd/11195
Date Submitted
2026-04-16
Document Type
Thesis
Permanent Link
https://arks.lib.byu.edu/ark:/34234/q2ffdc1f56
Keywords
exploit development, MIPS, buffer overflow
Language
English