public/subjects/cybersecurity/hole-in-bin/README.md

# Hole-In-Bin

<center>
<img src="./pictures/meme.png?raw=true" style = "width: 600px !important; height: 737px !important;"/>
</center>

### Objective

This exercise is designed to test your skills and understanding of binary exploitation and reverse engineering. You will need to work through a series of binary exploitation challenges using a provided virtual machine.

### Setup

1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). For machine running with Apple Silicon CPU or ARM architecture (e.g. M1, M2 ...) use the following [hole-in-bin.utm.zip](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.utm.zip). This image contains all the binaries you will need to exploit.

SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c

2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare).

3. Login using the provided credentials (username: user, password: user).

> You will set up a new VM in the audit session!

### The Challenges

Inside the `/opt/hole-in-bin` directory, you will find a set of binaries (ex00 to ex11) that you need to exploit. Each binary presents a unique challenge and will test different aspects of your knowledge about binary exploitation and reverse engineering.
You can find more details in a `README.txt` file inside each exercise folder.

Your task is to exploit these binaries, following ethical hacking guidelines.

> Using a decompiler is forbidden, use a disassembler instead of it!

- The compiler is used to convert high-level programming language code into machine language code.
- The assembler converts assembly-level language code into machine language code.

> ⚠️ These methods and tools are for educational purposes only, so that you have a better understanding of how to protect against similar vulnerabilities. You must ensure that you do not attempt any exploit-type activity without the explicit permission of the owner of the machine, system or application. Failure to obtain permission risks breaking the law.

### Submission and audit

Files that must be inside your repository:

- A `README.md` file, Which explains all the steps you went through to bypass each exercise.
- All tools you use, and any scripts you write.

> It's forbidden to use external scripts, in the audit you will be asked different questions about the concepts and the practices of this project, prepare yourself!
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+								# Hole-In-Bin
 								<center>
 								<img src="./pictures/meme.png?raw=true" style = "width: 600px !important; height: 737px !important;"/>
 								</center>
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
 								### Objective
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+								This exercise is designed to test your skills and understanding of binary exploitation and reverse engineering. You will need to work through a series of binary exploitation challenges using a provided virtual machine.
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+								### Setup
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												docs(cybersecurity): clarify that the extra VM provided are for Apple Silicon compatibility

											
										
										
											1 month ago
+. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). For machine running with Apple Silicon CPU or ARM architecture (e.g. M1, M2 ...) use the following [hole-in-bin.utm.zip](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.utm.zip). This image contains all the binaries you will need to exploit.
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+								SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare).
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+. Login using the provided credentials (username: user, password: user).
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+								> You will set up a new VM in the audit session!
 								### The Challenges
 								Inside the `/opt/hole-in-bin` directory, you will find a set of binaries (ex00 to ex11) that you need to exploit. Each binary presents a unique challenge and will test different aspects of your knowledge about binary exploitation and reverse engineering.
 								You can find more details in a `README.txt` file inside each exercise folder.
 								Your task is to exploit these binaries, following ethical hacking guidelines.
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+								> Using a decompiler is forbidden, use a disassembler instead of it!
-												docs(cibersecurity): add cibersecurity branch subjects to public

											
										
										
											1 year ago
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
+								- The compiler is used to convert high-level programming language code into machine language code.
 								- The assembler converts assembly-level language code into machine language code.
-												docs(cybersecurity): add warning to advise that projects are for educative purposes only

											
										
										
											1 year ago
 								> ⚠️ These methods and tools are for educational purposes only, so that you have a better understanding of how to protect against similar vulnerabilities. You must ensure that you do not attempt any exploit-type activity without the explicit permission of the owner of the machine, system or application. Failure to obtain permission risks breaking the law.
-												fix(hole-in-bin) add a new VM with serie of exercices

											
										
										
											1 year ago
 								### Submission and audit
 								Files that must be inside your repository:
 								- A `README.md` file, Which explains all the steps you went through to bypass each exercise.
 								- All tools you use, and any scripts you write.
-												docs(hole-in-bin) fix format

											
										
										
											1 year ago
+								> It's forbidden to use external scripts, in the audit you will be asked different questions about the concepts and the practices of this project, prepare yourself!