2.2 KiB
Hole-In-Bin
Objective
This exercise is designed to test your skills and understanding of binary exploitation and reverse engineering. You will need to work through a series of binary exploitation challenges using a provided virtual machine.
Setup
- Download the virtual machine image hole-in-bin.ova. This image contains all the binaries you will need to exploit.
SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c
-
Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare).
-
Login using the provided credentials (username: user, password: user).
You will set up a new VM in the audit session!
The Challenges
Inside the /opt/hole-in-bin
directory, you will find a set of binaries (ex00 to ex11) that you need to exploit. Each binary presents a unique challenge and will test different aspects of your knowledge about binary exploitation and reverse engineering.
You can find more details in a README.txt
file inside each exercise folder.
Your task is to exploit these binaries, following ethical hacking guidelines.
Using a decompiler is forbidden, use a disassembler instead of it!
- The compiler is used to convert high-level programming language code into machine language code.
- The assembler converts assembly-level language code into machine language code.
⚠️ These methods and tools are for educational purposes only, so that you have a better understanding of how to protect against similar vulnerabilities. You must ensure that you do not attempt any exploit-type activity without the explicit permission of the owner of the machine, system or application. Failure to obtain permission risks breaking the law.
Submission and audit
Files that must be inside your repository:
- A
README.md
file, Which explains all the steps you went through to bypass each exercise. - All tools you use, and any scripts you write.
It's forbidden to use external scripts, in the audit you will be asked different questions about the concepts and the practices of this project, prepare yourself!