@ -10,9 +10,10 @@ This exercise is designed to test your skills and understanding of binary exploi
### Setup
1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). This image contains all the binaries you will need to exploit.
1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). For machine running with Apple Silicon CPU or ARM architecture (e.g. M1, M2 ...) use the following [hole-in-bin.utm.zip](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.utm.zip). This image contains all the binaries you will need to exploit.
SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c
SHA1 for `hole-in-bin.ova`: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c
SHA1 for `hole-in-bin.utm.zip`: fc93533b2054d10d03b09d53c223e57bf7ac7b62
2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare).
1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova). This image contains all the binaries you will need for the audit.
1. Download the virtual machine image [hole-in-bin.ova](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.ova).
For machine using Apple Silicon or equivalent get [hole-in-bin.utm.zip](https://assets.01-edu.org/cybersecurity/hole-in-bin/hole-in-bin.utm.zip).
This image contains all the binaries you will need for the audit.
SHA1: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c
SHA1 for `hole-in-bin.ova`: 7db09b7a8fdfe25c286561dfa7ca5b50718bd60c
SHA1 for `hole-in-bin.utm.zip`: fc93533b2054d10d03b09d53c223e57bf7ac7b62
> If it's already downloaded in the student machine, please check the SHA1 running the following command
```console
$ sha1sum <filename>
<SHA1>
```
2. Load the virtual machine image into your virtualization software of choice (e.g., VirtualBox, VMWare).
- [01-Local1.ova](https://assets.01-edu.org/cybersecurity/local/01-Local.ova). For machine running with Apple Silicon CPU or ARM architecture (e.g. M1, M2 ...) use the following [01-Local1.utm.zip](https://assets.01-edu.org/cybersecurity/local/01-Local1.utm.zip)
SHA1 for `01-Local1.ova`: f3422f3364fd38e8183740f8f57fa951d3f6e0bf
SHA1 for `01-Local1.utm.zip`: d4a40ca50044778ddc01a57ac16382e4140000e0
- The modification in GRUB or in the VM to get the root access is forbidden!
- a README.md file, Which explains all the steps you went through in order to reach root access.
- A README.md file, Which explains all the steps you went through in order to reach root access.
Don’t hesitate to doublecheck the names of your folders and files to ensure they are correct!
Don’t hesitate to double-check the names of your folders and files to ensure they are correct!
> ⚠️ These methods and tools are for educational purposes only, so that you have a better understanding of how to protect against similar vulnerabilities. You must ensure that you do not attempt any exploit-type activity without the explicit permission of the owner of the machine, system or application. Failure to obtain permission risks breaking the law.