public/subjects/cybersecurity/hole-in-bin/audit/README.md

General

Check the Repo content:

• A README.md file, Which explains all the steps to bypass all exercises.
• All used tools and scripts.

Are all the required files present?

Set up the virtual machine:

1. Download the virtual machine image hole-in-bin.ova. For machine using Apple Silicon or equivalent get hole-in-bin.utm.zip. This image contains all the binaries you will need for the audit.

SHA1 for hole-in-bin.ova: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c SHA1 for hole-in-bin.utm.zip: fc93533b2054d10d03b09d53c223e57bf7ac7b62

If it's already downloaded in the student machine, please check the SHA1 running the following command

$ sha1sum <filename>
<SHA1>

2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare).

3. Login using the provided credentials (username: user, password: user).

Ask the student to disassemble and explain the binaries:

Using a decompiler is forbidden, use a disassembler instead of it!

• The compiler is used to convert high-level programming language code into machine language code.
• The assembler converts assembly-level language code into machine language code.

Was the student capable to disassemble the binaries?

Was the student capable to explain the functionality of all the binaries?

Has the student shown the ability to understand and analyze binary structures and operations?

Did the student showcase an understanding of reverse engineering concepts?

Ask the student to exploit the binaries:

It's forbidden to use external scripts!

Have all binaries been exploited successfully?

Did the student demonstrate an understanding of various binary exploitation techniques?

Check the student Documentation:

Is the documentation clear and complete, including well-structured explanations and thorough descriptions?

Did the student explain their thought process and approach to each challenge?

Have the student’s notes clearly described the tools and techniques used during the exercise?