#### General ##### Check the Repo content: - A `README.md` file, Which explains all the steps to bypass all exercises. - All used tools and scripts. ###### Are all the required files present? ##### Set up the virtual machine: 1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). For machine using Apple Silicon or equivalent get [hole-in-bin.utm.zip](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.utm.zip). This image contains all the binaries you will need for the audit. SHA1 for `hole-in-bin.ova`: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c SHA1 for `hole-in-bin.utm.zip`: fc93533b2054d10d03b09d53c223e57bf7ac7b62 > If it's already downloaded in the student machine, please check the SHA1 running the following command ```console $ sha1sum ``` 2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare). 3. Login using the provided credentials (username: user, password: user). ##### Ask the student to disassemble and explain the binaries: > Using a decompiler is forbidden, use a disassembler instead of it! - The compiler is used to convert high-level programming language code into machine language code. - The assembler converts assembly-level language code into machine language code. ###### Was the student capable to disassemble the binaries? ###### Was the student capable to explain the functionality of all the binaries? ###### Has the student shown the ability to understand and analyze binary structures and operations? ###### Did the student showcase an understanding of reverse engineering concepts? ##### Ask the student to exploit the binaries: > It's forbidden to use external scripts! ###### Have all binaries been exploited successfully? ###### Did the student demonstrate an understanding of various binary exploitation techniques? ##### Check the student Documentation: ###### Is the documentation clear and complete, including well-structured explanations and thorough descriptions? ###### Did the student explain their thought process and approach to each challenge? ###### Have the student’s notes clearly described the tools and techniques used during the exercise?