crash.software
Projects
Pull Requests
Issues
Builds
wrongsecrets
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY wrongsecrets Commits 02c237df
🤬
  • ■ ■ ■ ■ ■ ■
    .github/scripts/docker-create.sh
    skipped 44 lines
    45 45   cd ../..
    46 46   heroku container:push --recursive --arg argBasedVersion=${tag}heroku --app arcane-scrubland-42646
    47 47   heroku container:release web --app arcane-scrubland-42646
    48  - heroku container:push --recursive --arg argBasedVersion=${tag}heroku --arg CTF_ENABLED=true --arg HINTS_ENABLED=false --app wrongsecrets-ctf
     48 + heroku container:push --recursive --arg argBasedVersion=${tag}heroku,CTF_ENABLED=true,HINTS_ENABLED=false --app wrongsecrets-ctf
    49 49   heroku container:release web --app wrongsecrets-ctf
    50 50   exit
    51 51  }
    skipped 4 lines
    56 56   heroku container:login
    57 57   echo "heroku deployment to prod"
    58 58   cd ../..
    59  - heroku container:push --recursive --arg argBasedVersion=${tag}heroku --arg CANARY_URLS=http://canarytokens.com/feedback/images/traffic/tgy3epux7jm59n0ejb4xv4zg3/submit.aspx,http://canarytokens.com/traffic/cjldn0fsgkz97ufsr92qelimv/post.jsp --app=wrongsecrets
     59 + heroku container:push --recursive --arg argBasedVersion=${tag}heroku,CANARY_URLS=http://canarytokens.com/feedback/images/traffic/tgy3epux7jm59n0ejb4xv4zg3/submit.aspx,http://canarytokens.com/traffic/cjldn0fsgkz97ufsr92qelimv/post.jsp --app=wrongsecrets
    60 60   heroku container:release web --app=wrongsecrets
    61 61   exit
    62 62  }
    skipped 282 lines
  • ■ ■ ■ ■
    Dockerfile.web
    1  -FROM jeroenwillemsen/wrongsecrets:ctfdtest10-no-vault
     1 +FROM jeroenwillemsen/wrongsecrets:ctfdtest12-no-vault
    2 2   
    3 3  ARG argBasedVersion="1.4.7"
    4 4  ARG CANARY_URLS="http://canarytokens.com/terms/about/s7cfbdakys13246ewd8ivuvku/post.jsp,http://canarytokens.com/terms/about/y0all60b627gzp19ahqh7rl6j/post.jsp"
    skipped 13 lines
  • ■ ■ ■ ■ ■
    README.md
    skipped 212 lines
    213 213  Want to know if your tool detects everything? We will keep track of the embedded secrets in [this issue](https://github.com/commjoen/wrongsecrets/issues/201) and have a [branch](https://github.com/commjoen/wrongsecrets/tree/experiment-bed) in which we put additional secrets for your tool to detect.
    214 214  The branch will contain a Docker container generation script using which you can eventually test your container secret scanning.
    215 215   
    216  -## CTFD Support - Experimental
     216 +## CTF
    217 217   
    218  -NOTE: CTFD support is experimental, but can work based on the [Juiceshop CTF CLI](https://github.com/juice-shop/juice-shop-ctf).
     218 +### CTFD Support
     219 + 
     220 +NOTE: CTFD support is experimental, and now works based on the [Juiceshop CTF CLI](https://github.com/juice-shop/juice-shop-ctf).
    219 221  NOTE-II: https://wrongsecrets-ctf.herokuapp.com is based on a free heroku instance, which takes time to warm up. Initial creation of the zip file for CTFD requires you to visit [https://wrongsecrets-ctf.herokuapp.com/api/Challenges](https://wrongsecrets-ctf.herokuapp.com/api/Challenges) once before executing the steps below.
    220 222   
    221 223  Follow the following steps:
    222 224   
    223 225  ```shell
    224 226   npm install -g juice-shop-ctf-cli
    225  - juice-shop-ctf #choose ctfd and https://wrongsecrets-ctf.herokuapp.com as domain. No trailing slash! The key is 'TRwzkRJnHOTckssAeyJbysWgP!Qc2T'
    226  - docker run -p 8001:8000 -it ctfd/ctfd:3.4.3 # configure challenge and import the zip from juice-shop-ctf
     227 + juice-shop-ctf #choose ctfd and https://wrongsecrets-ctf.herokuapp.com as domain. No trailing slash! The key is 'TRwzkRJnHOTckssAeyJbysWgP!Qc2T', feel free to enable hints. We do not support snippets or links/urls to code or hints.
     228 + docker run -p 8001:8000 -it ctfd/ctfd:3.4.3
    227 229  ```
    228 230   
     231 +Now visit the CTFD instance at [http://localhost:8001](http://localhost:8001) and setup your CTF. Then use the administrative backup function to import the zipfile you created with the juice-shop-ctf command.
    229 232  Game on using [https://wrongsecrets-ctf.herokuapp.com](https://wrongsecrets-ctf.herokuapp.com) !
    230  -Want to setup your own? You can!
     233 +Want to setup your own? You can! Watch out for people finding your key though, so secure it properly: make sure the running container with the actual ctf-key is not exposed to the audience, similar to our heroku container.
     234 + 
     235 +## FBCTF Support (Experimental!)
     236 + 
     237 +NOTE: FBCTF support is experimental.
     238 + 
     239 +follow the same step as with CTFD, only now choose fbctfd and as a url for the countrymapping choose `https://raw.githubusercontent.com/commjoen/wrongsecrets/79a982558016c8ce70948a8106f9a2ee5b5b9eea/config/fbctf.yml`. Then follow [https://github.com/facebookarchive/fbctf/wiki/Quick-Setup-Guide](https://github.com/facebookarchive/fbctf/wiki/Quick-Setup-Guide) to run the FBCTF.
     240 + 
     241 + 
    231 242   
    232 243  ## Notes on development
    233 244   
    skipped 78 lines
  • ■ ■ ■ ■ ■ ■
    config/fbctf.yml
     1 +ctf:
     2 + showFlagsInNotifications: true
     3 + showCountryDetailsInNotifications: both
     4 + countryMapping:
     5 + challenge1:
     6 + name: Canada
     7 + code: CA
     8 + challenge2:
     9 + name: Austria
     10 + code: AT
     11 + challenge3:
     12 + name: Israel
     13 + code: IL
     14 + challenge4:
     15 + name: Russian Federation
     16 + code: RU
     17 + challenge5:
     18 + name: Honduras
     19 + code: HN
     20 + challenge6:
     21 + name: Guatemala
     22 + code: GT
     23 + challenge7:
     24 + name: Germany
     25 + code: DE
     26 + challenge8:
     27 + name: Uruguay
     28 + code: UY
     29 + challenge9:
     30 + name: Myanmar
     31 + code: MM
     32 + challenge10:
     33 + name: Costa Rica
     34 + code: CR
     35 + challenge11:
     36 + name: Paraguay
     37 + code: PY
     38 + challenge12:
     39 + name: Slovakia
     40 + code: SK
     41 + challenge13:
     42 + name: Madagascar
     43 + code: MG
     44 + challenge14:
     45 + name: Belize
     46 + code: BZ
     47 + challenge15:
     48 + name: Korea (Democratic People's Republic of)
     49 + code: KP
     50 + challenge16:
     51 + name: Korea
     52 + code: KR
     53 + challenge17:
     54 + name: Belarus
     55 + code: BY
     56 + challenge18:
     57 + name: Bolivia
     58 + code: BO
     59 + challenge19:
     60 + name: Switzerland
     61 + code: CH
     62 + challenge20:
     63 + name: Peru
     64 + code: PE
     65 + challenge21:
     66 + name: Ukraine
     67 + code: UA
     68 + challenge22:
     69 + name: United States of America
     70 + code: US
     71 + challenge23:
     72 + name: Turkey
     73 + code: TR
     74 + challenge24:
     75 + name: Suriname
     76 + code: SR
     77 + challenge25:
     78 + name: Colombia
     79 + code: CO
     80 + challenge26:
     81 + name: Poland
     82 + code: PL
     83 + challenge27:
     84 + name: Ecuador
     85 + code: EC
     86 + challenge28:
     87 + name: Sri Lanka
     88 + code: LK
     89 + challenge29:
     90 + name: Eritrea
     91 + code: ER
     92 + challenge30:
     93 + name: Panama
     94 + code: PA
     95 + 
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/InMemoryScoreCard.java
    skipped 6 lines
    7 7   
    8 8  public class InMemoryScoreCard implements ScoreCard {
    9 9   
    10  - private final int maxPoints;
     10 + private final int maxNumberOfChallenges;
    11 11   private final Set<Challenge> solvedChallenges = new HashSet<>();
    12 12   
    13 13   public InMemoryScoreCard(int numberOfChallenge) {
    14  - maxPoints = numberOfChallenge * 50;
     14 + maxNumberOfChallenges = numberOfChallenge;
    15 15   }
    16 16   
    17 17   @Override
    skipped 8 lines
    26 26   
    27 27   @Override
    28 28   public float getProgress() {
    29  - return (100 / (float) maxPoints) * getTotalReceivedPoints();
     29 + return ((float) 100 / maxNumberOfChallenges) * solvedChallenges.size();
    30 30   }
    31 31   
    32 32   @Override
    33 33   public int getTotalReceivedPoints() {
    34  - return solvedChallenges.size() * 50;
     34 + return solvedChallenges.stream().map(challenge -> challenge.difficulty() * (100 + (challenge.difficulty() - 1) * 25)).reduce(0, Integer::sum);
    35 35   }
    36 36   
    37 37   @Override
    skipped 5 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/StatsController.java
    skipped 14 lines
    15 15   @Autowired
    16 16   private SessionConfiguration sessionConfiguration;
    17 17   
     18 + @Value("${hints_enabled}")
     19 + private boolean hintsEnabled;
     20 + @Value("${reason_enabled}")
     21 + private boolean reasonEnabled;
     22 + @Value("${ctf_enabled}")
     23 + private boolean ctfModeEnabled;
     24 + 
    18 25   @Value("${canarytokenURLs}")
    19 26   private String[] canaryTokenURLs;
    20 27   
    skipped 3 lines
    24 31   model.addAttribute("sessioncounter", sessionConfiguration.getCounter());
    25 32   model.addAttribute("lastCanaryToken", canaryCounter.getLastToken());
    26 33   model.addAttribute("canarytokenURLs", canaryTokenURLs);
     34 + model.addAttribute("hintsEnabled", hintsEnabled);
     35 + model.addAttribute("reasonEnabled", reasonEnabled);
     36 + model.addAttribute("ctfModeEnabled",ctfModeEnabled);
    27 37   return "stats";
    28 38   }
    29 39  }
    skipped 1 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/Challenge.java
    skipped 20 lines
    21 21   
    22 22   public abstract int difficulty();
    23 23   
     24 + public abstract String getTech();
     25 + 
    24 26   public boolean solved(String answer) {
    25 27   var correctAnswer = answerCorrect(answer);
    26 28   if (correctAnswer) {
    skipped 18 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/ChallengeUI.java
    skipped 37 lines
    38 38   return challengeNumber;
    39 39   }
    40 40   
     41 + public String getTech() {
     42 + return challenge.getTech();
     43 + }
     44 + 
    41 45   public Integer next() {
    42 46   return challengeNumber + 1;
    43 47   }
    skipped 36 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/ChallengesAPIController.java
    skipped 12 lines
    13 13  import org.springframework.util.ResourceUtils;
    14 14  import org.springframework.web.bind.annotation.GetMapping;
    15 15  import org.springframework.web.bind.annotation.RestController;
     16 +import org.yaml.snakeyaml.Yaml;
    16 17   
    17 18  import java.io.BufferedReader;
    18 19  import java.io.IOException;
    19 20  import java.io.InputStreamReader;
    20 21  import java.util.ArrayList;
    21 22  import java.util.List;
     23 +import java.util.Locale;
    22 24   
    23 25  @Slf4j
    24 26  @RestController
    skipped 29 lines
    54 56   jsonChallenge.put("id", i);
    55 57   jsonChallenge.put("name", challenges.get(i).getName());
    56 58   jsonChallenge.put("key", challenges.get(i).getExplanation());
    57  - jsonChallenge.put("category", getCategory(challenges.get(i)));
     59 + jsonChallenge.put("category", getCategory(challenges.get(i)) + " - " + challenges.get(i).getTech());
    58 60   jsonChallenge.put("description", descriptions.get(i));
    59 61   jsonChallenge.put("hint", hints.get(i));
    60 62   jsonChallenge.put("solved", scoreCard.getChallengeCompleted(challenges.get(i).getChallenge()));
    skipped 59 lines
    120 122   }
    121 123   return null;
    122 124   }
     125 + 
    123 126  }
    124 127   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge10.java
    skipped 60 lines
    61 61   public int difficulty() {
    62 62   return 4;
    63 63   }
     64 + 
     65 + @Override
     66 + public String getTech() {
     67 + return "CSI-Driver";
     68 + }
    64 69  }
    65 70   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge11.java
    skipped 88 lines
    89 89   return 4;
    90 90   }
    91 91   
     92 + @Override
     93 + public String getTech() {
     94 + return "IAM Privilege escalation";
     95 + }
     96 + 
    92 97   private String getChallenge11Value(RuntimeEnvironment runtimeEnvironment) {
    93 98   if (runtimeEnvironment != null && runtimeEnvironment.getRuntimeEnvironment() != null) {
    94 99   return switch (runtimeEnvironment.getRuntimeEnvironment()) {
    skipped 83 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge9.java
    skipped 60 lines
    61 61   public int difficulty() {
    62 62   return 3;
    63 63   }
     64 + 
     65 + @Override
     66 + public String getTech() {
     67 + return "Terraform";
     68 + }
    64 69  }
    65 70   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge1.java
    skipped 37 lines
    38 38   public int difficulty() {
    39 39   return 1;
    40 40   }
     41 + 
     42 + @Override
     43 + public String getTech() {
     44 + return "Git";
     45 + }
    41 46  }
    42 47   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge12.java
    skipped 46 lines
    47 47   return 3;
    48 48   }
    49 49   
     50 + @Override
     51 + public String getTech() {
     52 + return "Docker";
     53 + }
     54 + 
    50 55   private String getActualData() {
    51 56   try {
    52 57   return Files.readString(Paths.get(dockerMountPath, "yourkey.txt"));
    skipped 7 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java
    skipped 52 lines
    53 53   return 3;
    54 54   }
    55 55   
     56 + @Override
     57 + public String getTech() {
     58 + return "CI/CD";
     59 + }
     60 + 
    56 61   private boolean isKeyCorrect(String base64EncodedKey) {
    57 62   if (Strings.isEmpty(base64EncodedKey) || Strings.isEmpty(plainText) || Strings.isEmpty(cipherText)) {
    58 63   log.info("Checking secret with values {}, {}, {}", base64EncodedKey, plainText, cipherText);
    skipped 26 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge14.java
    skipped 58 lines
    59 59   return 4;
    60 60   }
    61 61   
     62 + @Override
     63 + public String getTech() {
     64 + return "Password manager";
     65 + }
     66 + 
    62 67   private String findAnswer() {
    63 68   if (Strings.isEmpty(keepassxPassword)) {
    64 69   log.info("Checking secret with values {}", keepassxPassword);
    skipped 24 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge15.java
    skipped 53 lines
    54 54   return 2;
    55 55   }
    56 56   
     57 + @Override
     58 + public String getTech() {
     59 + return "Git";
     60 + }
     61 + 
    57 62   private String quickDecrypt(String cipherText) {
    58 63   try {
    59 64   final byte[] keyData = Base64.getDecoder().decode(encryptionKey);
    skipped 29 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge16.java
    skipped 46 lines
    47 47   return 3;
    48 48   }
    49 49   
     50 + @Override
     51 + public String getTech() {
     52 + return "Front-end";
     53 + }
     54 + 
    50 55   public String getActualData() {
    51 56   try {
    52 57   return Files.readString(Paths.get(dockerMountPath, "secondkey.txt"));
    skipped 7 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge17.java
    skipped 46 lines
    47 47   return 3;
    48 48   }
    49 49   
     50 + @Override
     51 + public String getTech() {
     52 + return "Docker";
     53 + }
     54 + 
    50 55   public String getActualData() {
    51 56   try {
    52 57   return Files.readString(Paths.get(dockerMountPath, "thirdkey.txt"));
    skipped 7 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge18.java
    skipped 69 lines
    70 70   public int difficulty() {
    71 71   return 5;
    72 72   }
     73 + 
     74 + @Override
     75 + public String getTech() {
     76 + return "Hashing";
     77 + }
    73 78  }
    74 79   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge19.java
    skipped 43 lines
    44 44   public int difficulty() {
    45 45   return 4;
    46 46   }
     47 + 
     48 + @Override
     49 + public String getTech() {
     50 + return "Binary";
     51 + }
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge2.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 1;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Git";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge20.java
    skipped 43 lines
    44 44   public int difficulty() {
    45 45   return 4;
    46 46   }
     47 + 
     48 + @Override
     49 + public String getTech() {
     50 + return "Binary";
     51 + }
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge21.java
    skipped 43 lines
    44 44   public int difficulty() {
    45 45   return 5;
    46 46   }
     47 + 
     48 + @Override
     49 + public String getTech() {
     50 + return "Binary";
     51 + }
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge22.java
    skipped 42 lines
    43 43   public int difficulty() {
    44 44   return 5;
    45 45   }
     46 + 
     47 + @Override
     48 + public String getTech() {
     49 + return "Binary";
     50 + }
    46 51  }
    47 52   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge3.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 1;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Docker";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge4.java
    skipped 43 lines
    44 44   return 2;
    45 45   }
    46 46   
     47 + @Override
     48 + public String getTech() {
     49 + return "Docker";
     50 + }
     51 + 
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge8.java
    skipped 49 lines
    50 50   return 2;
    51 51   }
    52 52   
     53 + @Override
     54 + public String getTech() {
     55 + return "Logging";
     56 + }
     57 + 
    53 58   private String generateRandomString(int length) {
    54 59   StringBuilder builder = new StringBuilder(length);
    55 60   for (int i = 0; i < length; i++) {
    skipped 6 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Challenge5.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 2;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Configmaps";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Challenge6.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 2;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Secrets";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Challenge7.java
    skipped 46 lines
    47 47   public int difficulty() {
    48 48   return 4;
    49 49   }
     50 + 
     51 + @Override
     52 + public String getTech() {
     53 + return "Vault";
     54 + }
    50 55  }
    51 56   
  • ■ ■ ■ ■ ■ ■
    src/main/resources/templates/stats.html
    skipped 6 lines
    7 7   <h1>Current Stats</h1>
    8 8   <p>Number of active sessions:</p>
    9 9   <p th:text="${sessioncounter}"></p>
     10 + <p>Hints enabled:<span th:text="${hintsEnabled}"></span></p>
     11 + <p>Reason enabled:<span th:text="${reasonEnabled}"></span></p>
     12 + <p>CTF-mode enabled:<span th:text="${ctfModeEnabled}"></span></p>
     13 + 
    10 14   <p>Number of canary callbacks since boot:</p>
    11 15   <p th:text="${canaryCounter}"></p>
    12 16   <p>Last canary token received:</p>
    skipped 11 lines
  • ■ ■ ■ ■ ■ ■
    src/main/resources/templates/welcome.html
    skipped 20 lines
    21 21   <thead>
    22 22   <tr>
    23 23   <th scope="col">#</th>
    24  - <th scope="col">Challenge &nbsp;&nbsp;&nbsp;&nbsp;</th>
    25  - <th scope="col" th:text="'Required environments (current: '+${environment}+')'"></th>
     24 + <th scope="col">Challenge&nbsp;&nbsp;&nbsp;</th>
     25 + <th scope="col">Focus&nbsp;&nbsp;&nbsp;</th>
     26 + <th scope="col" th:text="'Runs on environment (current: '+${environment}+')'"></th>
    26 27   </tr>
    27 28   </thead>
    28 29   <tbody>
    skipped 3 lines
    32 33   th:class="${challenge.isChallengeEnabled} ? '' : 'disabled'"><span
    33 34   th:text="${challenge.name}"
    34 35   th:remove="tag"></span></a></td>
     36 + <td th:text="${challenge.tech}"></td>
    35 37   <th:block th:if="${challenge.requiredEnv} == 'DOCKER'">
    36 38   <td>Docker</td>
    37 39   </th:block>
    38 40   <th:block th:if="${challenge.requiredEnv} == 'K8S'">
    39  - <td>Kubernetes or Minikube</td>
     41 + <td>K8s or Minikube</td>
    40 42   </th:block>
    41 43   <th:block th:if="${challenge.requiredEnv} == 'VAULT'">
    42  - <td>Kubernetes or Minikube with Vault</td>
     44 + <td>K8s or Minikube with Vault</td>
    43 45   </th:block>
    44 46   <th:block
    45 47   th:if="${challenge.requiredEnv} == 'AWS' or ${challenge.requiredEnv} == 'GCP'or ${challenge.requiredEnv} == 'AZURE'">
    skipped 103 lines
  • ■ ■ ■ ■ ■
    src/test/java/org/owasp/wrongsecrets/InMemoryScoreCardTest.java
    skipped 6 lines
    7 7  import org.mockito.junit.jupiter.MockitoExtension;
    8 8  import org.owasp.wrongsecrets.challenges.Challenge;
    9 9   
     10 +import static org.mockito.ArgumentMatchers.anyString;
     11 +import static org.mockito.Mockito.when;
     12 + 
    10 13  @ExtendWith(MockitoExtension.class)
    11 14  class InMemoryScoreCardTest {
    12 15   
    skipped 5 lines
    18 21   
    19 22   @Test
    20 23   void whenOneChallengeSolvedPointsShouldBeCalculatedCorrectly() {
     24 + when(challenge1.difficulty()).thenReturn(2);
    21 25   var scoring = new InMemoryScoreCard(2);
    22 26   scoring.completeChallenge(challenge1);
    23 27   
    24  - Assertions.assertThat(scoring.getTotalReceivedPoints()).isEqualTo(50);
     28 + Assertions.assertThat(scoring.getTotalReceivedPoints()).isEqualTo(250);
    25 29   }
    26 30   
    27 31   @Test
    28 32   void solvingAllChallengesShouldCalculateMaxPoints() {
     33 + when(challenge1.difficulty()).thenReturn(1);
     34 + when(challenge2.difficulty()).thenReturn(3);
    29 35   var scoring = new InMemoryScoreCard(2);
    30 36   scoring.completeChallenge(challenge1);
    31 37   scoring.completeChallenge(challenge2);
    32 38   
    33  - Assertions.assertThat(scoring.getTotalReceivedPoints()).isEqualTo(100);
     39 + Assertions.assertThat(scoring.getTotalReceivedPoints()).isEqualTo(550);
    34 40   }
    35 41   
    36 42  }
    skipped 1 lines
Please wait...
Page is in error, reload to recover