diff --git a/subjects/cybersecurity/hole-in-bin/README.md b/subjects/cybersecurity/hole-in-bin/README.md index 8bf729271..06bfa683f 100644 --- a/subjects/cybersecurity/hole-in-bin/README.md +++ b/subjects/cybersecurity/hole-in-bin/README.md @@ -1,26 +1,44 @@ -# Hole in Bin +# Hole-In-Bin + +
+ +
### Objective -The objective of the project is that you are comfortable in reverse engineering on a windows environment, because many systems (Bank ATMs, SCADA..) can run on windows. +This exercise is designed to test your skills and understanding of binary exploitation and reverse engineering. You will need to work through a series of binary exploitation challenges using a provided virtual machine. -### Guidelines +### Setup -You will have the exercise of creating a patch that will bypass the security of the [program](./resources/hole-in-bin.exe) and display "please withdraw your money" in the color green, rather than an error message.. +1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). This image contains all the binaries you will need to exploit. -### Advice +SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c -https://ghidra-sre.org/ -http://www.ollydbg.de/ -https://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/PEiD-updated.shtml -https://www.red-gate.com/products/dotnet-development/reflector/ +2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare). -### Submission and audit +3. Login using the provided credentials (username: user, password: user). -Files that must be inside your repository: +> You will set up a new VM in the audit session! + +### The Challenges + +Inside the `/opt/hole-in-bin` directory, you will find a set of binaries (ex00 to ex11) that you need to exploit. Each binary presents a unique challenge and will test different aspects of your knowledge about binary exploitation and reverse engineering. +You can find more details in a `README.txt` file inside each exercise folder. + +Your task is to exploit these binaries, following ethical hacking guidelines. -- a README.md file, Which explains all the steps you went through in order to bypass the program. 
+> Using a decompiler is forbidden, use a disassembler instead of it! -Don’t hesitate to double check the names of your folders and files to ensure they are correct! +- The compiler is used to convert high-level programming language code into machine language code. +- The assembler converts assembly-level language code into machine language code. > ⚠️ These methods and tools are for educational purposes only, so that you have a better understanding of how to protect against similar vulnerabilities. You must ensure that you do not attempt any exploit-type activity without the explicit permission of the owner of the machine, system or application. Failure to obtain permission risks breaking the law. + +### Submission and audit + +Files that must be inside your repository: + +- A `README.md` file, Which explains all the steps you went through to bypass each exercise. +- All tools you use, and any scripts you write. + +> It's forbidden to use external scripts, in the audit you will be asked different questions about the concepts and the practices of this project, prepare yourself! \ No newline at end of file diff --git a/subjects/cybersecurity/hole-in-bin/audit/README.md b/subjects/cybersecurity/hole-in-bin/audit/README.md index 2110b4579..2719c19f5 100644 --- a/subjects/cybersecurity/hole-in-bin/audit/README.md +++ b/subjects/cybersecurity/hole-in-bin/audit/README.md 
@@ -1,29 +1,51 @@ #### General -###### Is the student able to explain clearly what reverse engineering means? +##### Check the Repo content -###### Is the student able to explain clearly what is the difference between decompilation and disassembly and hex-editor? +- A `README.md` file, Which explains all the steps to bypass all exercises. +- All used tools and scripts. -###### Is the student able to explain clearly how he patch the program? +###### Are all the required files present? -###### Is the student able to explain clearly how the "hole-in-bin" program works and how he pass the verification? +##### Setup the virtual machine -##### Check the Repo content +1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). This image contains all the binaries you will need for the audit. + +SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c + +2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare). + +3. Login using the provided credentials (username: user, password: user). + +##### Ask the student to disassemble and explain the binaries + +> Using a decompiler is forbidden, use a disassembler instead of it! + +- The compiler is used to convert high-level programming language code into machine language code. +- The assembler converts assembly-level language code into machine language code. + +###### Did the student capable to disassemble the binaries? + +###### Did the student capable to explain the functionality of the all binaries? + +###### Has the student shown the ability to understand and analyze binary structures and operations? + +###### Did the student showcase an understanding of reverse engineering concepts? -Files that must be inside your repository: +##### Ask the student to exploit the binaries -- a README.md file, Which explains all the steps you went through in order to bypass the program. +> It's forbidden to use external scripts! 
-###### Does the required files present? +###### Have all binaries been exploited successfully? -##### Evaluate the student's submission +###### Were the exploits implemented correctly and effectively? -Start a Windows operating system, x32 or 64 bits(INTEL or AMD). +###### Did the student demonstrate an understanding of various binary exploitation techniques? -Run the program [hole-in-bin](../resources/hole-in-bin.exe) +##### Check the student Documentation -Run Student Patch +###### Is the documentation clear and complete, including well-structured explanations and thorough descriptions? -###### Does the patch developed by the student circumvent the security of the program and allow the display in green color of the text: please withdraw your money? +###### Did the student explain their thought process and approach to each challenge? -###### Can the student perform this same task again manually with a decompiler-disassembler or hex editor? +###### Have the student’s notes clearly described the tools and techniques used during the exercise? diff --git a/subjects/cybersecurity/hole-in-bin/pictures/meme.png b/subjects/cybersecurity/hole-in-bin/pictures/meme.png new file mode 100644 index 000000000..3e37e875e Binary files /dev/null and b/subjects/cybersecurity/hole-in-bin/pictures/meme.png differ diff --git a/subjects/cybersecurity/hole-in-bin/resources/hole-in-bin.exe b/subjects/cybersecurity/hole-in-bin/resources/hole-in-bin.exe deleted file mode 100644 index 349f3685c..000000000 Binary files a/subjects/cybersecurity/hole-in-bin/resources/hole-in-bin.exe and /dev/null differ
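Review bot: In `subjects/cybersecurity/hole-in-bin/README.md`, the two bullets added under "Using a decompiler is forbidden, use a disassembler instead of it!" define a compiler and an assembler, not the decompiler and disassembler the rule is about, so the restriction is never explained. Replace them with one line each on what a disassembler produces (assembly listing) and what a decompiler produces (reconstructed high-level source). In the Setup list, the image is published with only `SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c` and no step tells the student to check it; since SHA-1 is no longer collision-resistant, add a SHA-256 digest and an explicit "verify the checksum before importing" step. In Submission, "All tools you use, and any scripts you write" sits next to "It's forbidden to use external scripts" without saying what counts as external; state that only scripts written by the student are allowed. Minor: "file, Which" should be "file, which", and the file now ends without a trailing newline.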
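Review bot: In `subjects/cybersecurity/hole-in-bin/audit/README.md`, the questions under "Ask the student to exploit the binaries" ("Have all binaries been exploited successfully?", "Were the exploits implemented correctly and effectively?") give the auditor no observable pass criterion, so two auditors can grade the same run differently. State what success looks like for ex00 to ex11, or point the auditor to the per-exercise `README.txt` that the subject mentions. The "Setup the virtual machine" steps repeat the SHA1 line but never ask the auditor to verify it before loading the image; add that step. The compiler and assembler bullets under the decompiler rule have the same mismatch as in the subject file and should define decompiler and disassembler instead. Wording: "Did the student capable to disassemble the binaries?" and "Did the student capable to explain the functionality of the all binaries?" should read "Was the student able to ..." and "... of all the binaries?".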