public/subjects/cybersecurity/hole-in-bin/audit/README.md

#### General

##### Check the Repo content

- A `README.md` file, Which explains all the steps to bypass all exercises.
- All used tools and scripts.

###### Are all the required files present?

##### Setup the virtual machine

1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). This image contains all the binaries you will need for the audit.

SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c

2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare).

3. Login using the provided credentials (username: user, password: user).

##### Ask the student to disassemble and explain the binaries

> Using a decompiler is forbidden, use a disassembler instead of it!

- The compiler is used to convert high-level programming language code into machine language code.
- The assembler converts assembly-level language code into machine language code.

###### Did the student capable to disassemble the binaries?

###### Did the student capable to explain the functionality of the all binaries?

###### Has the student shown the ability to understand and analyze binary structures and operations?

###### Did the student showcase an understanding of reverse engineering concepts?

##### Ask the student to exploit the binaries

> It's forbidden to use external scripts!

###### Have all binaries been exploited successfully?

###### Were the exploits implemented correctly and effectively?

###### Did the student demonstrate an understanding of various binary exploitation techniques?

##### Check the student Documentation

###### Is the documentation clear and complete, including well-structured explanations and thorough descriptions?

###### Did the student explain their thought process and approach to each challenge?

###### Have the student’s notes clearly described the tools and techniques used during the exercise?