|
|
|
|
#### General
|
|
|
|
|
|
|
|
|
|
##### Check the Repo content
|
|
|
|
|
|
|
|
|
|
Files that must be inside your repository:
|
|
|
|
|
|
|
|
|
|
- a README.md file, Which explains all the steps you went through in order to reach root access.
|
|
|
|
|
|
|
|
|
|
###### Does the required files present?
|
|
|
|
|
|
|
|
|
|
##### Evaluate the student's submission
|
|
|
|
|
|
|
|
|
|
###### Is the student able to explain clearly what Privilege Escalation means?
|
|
|
|
|
|
|
|
|
|
##### Install 01-Local1.ova in VirtualBox
|
|
|
|
|
|
|
|
|
|
Get [01-Local1.ova](https://assets.01-edu.org/cybersecurity/local1/01-Local1.ova)
|
|
|
|
|
|
|
|
|
|
The SHA1 is: f3422f3364fd38e8183740f8f57fa951d3f6e0bf
|
|
|
|
|
|
|
|
|
|
> If it's already downloaded in the student machine, please check the SHA1 running the following command
|
|
|
|
|
|
|
|
|
|
```console
|
|
|
|
|
$ sha1sum 01-Local1.ova
|
|
|
|
|
f3422f3364fd38e8183740f8f57fa951d3f6e0bf 01-Local1.ova
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
###### Is the SHA1 the expected one?
|
|
|
|
|
|
|
|
|
|
##### Ask the student to get the IP address.
|
|
|
|
|
|
|
|
|
|
###### Can the student explain all the steps?
|
|
|
|
|
|
|
|
|
|
##### Ask the student to become root.
|
|
|
|
|
|
|
|
|
|
> The modification in GRUB or in the VM to get the root access is forbidden!
|
|
|
|
|
|
|
|
|
|
###### Can the student explain all the steps?
|
|
|
|
|
|
|
|
|
|
##### Ask the student to show the flag.
|
|
|
|
|
|
|
|
|
|
###### Can the student explain all the steps?
|
|
|
|
|
|
|
|
|
|
##### Ask the student to explain clearly each exploit and how we can fix it!
|
|
|
|
|
|
|
|
|
|
###### DOES the student explain clearly what are the steps taken to fix each vulnerability?
|
