mirror of https://github.com/01-edu/public.git
Zouhair AMAZZAL
1 year ago
committed by
Zouhair AMAZZAL
4 changed files with 67 additions and 27 deletions
@ -1,29 +1,51 @@
|
||||
#### General |
||||
|
||||
###### Is the student able to explain clearly what reverse engineering means? |
||||
##### Check the Repo content |
||||
|
||||
###### Is the student able to explain clearly what is the difference between decompilation and disassembly and hex-editor? |
||||
- A `README.md` file, Which explains all the steps to bypass all exercises. |
||||
- All used tools and scripts. |
||||
|
||||
###### Is the student able to explain clearly how he patch the program? |
||||
###### Are all the required files present? |
||||
|
||||
###### Is the student able to explain clearly how the "hole-in-bin" program works and how he pass the verification? |
||||
##### Setup the virtual machine |
||||
|
||||
##### Check the Repo content |
||||
1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). This image contains all the binaries you will need for the audit. |
||||
|
||||
SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c |
||||
|
||||
2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare). |
||||
|
||||
3. Login using the provided credentials (username: user, password: user). |
||||
|
||||
##### Ask the student to disassemble and explain the binaries |
||||
|
||||
> Using a decompiler is forbidden, use a disassembler instead of it! |
||||
|
||||
- The compiler is used to convert high-level programming language code into machine language code. |
||||
- The assembler converts assembly-level language code into machine language code. |
||||
|
||||
###### Did the student capable to disassemble the binaries? |
||||
|
||||
###### Did the student capable to explain the functionality of the all binaries? |
||||
|
||||
###### Has the student shown the ability to understand and analyze binary structures and operations? |
||||
|
||||
###### Did the student showcase an understanding of reverse engineering concepts? |
||||
|
||||
Files that must be inside your repository: |
||||
##### Ask the student to exploit the binaries |
||||
|
||||
- a README.md file, Which explains all the steps you went through in order to bypass the program. |
||||
> It's forbidden to use external scripts! |
||||
|
||||
###### Does the required files present? |
||||
###### Have all binaries been exploited successfully? |
||||
|
||||
##### Evaluate the student's submission |
||||
###### Were the exploits implemented correctly and effectively? |
||||
|
||||
Start a Windows operating system, x32 or 64 bits(INTEL or AMD). |
||||
###### Did the student demonstrate an understanding of various binary exploitation techniques? |
||||
|
||||
Run the program [hole-in-bin](../resources/hole-in-bin.exe) |
||||
##### Check the student Documentation |
||||
|
||||
Run Student Patch |
||||
###### Is the documentation clear and complete, including well-structured explanations and thorough descriptions? |
||||
|
||||
###### Does the patch developed by the student circumvent the security of the program and allow the display in green color of the text: please withdraw your money? |
||||
###### Did the student explain their thought process and approach to each challenge? |
||||
|
||||
###### Can the student perform this same task again manually with a decompiler-disassembler or hex editor? |
||||
###### Have the student’s notes clearly described the tools and techniques used during the exercise? |
||||
|
After Width: | Height: | Size: 181 KiB |
diff.bin_not_shown
Loading…
Reference in new issue