crash.software
Projects
Pull Requests
Issues
Builds
wrongsecrets
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY wrongsecrets Commits 3102e55b
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    .github/scripts/docker-create.sh
    skipped 44 lines
    45 45   cd ../..
    46 46   heroku container:push --recursive --arg argBasedVersion=${tag}heroku --app arcane-scrubland-42646
    47 47   heroku container:release web --app arcane-scrubland-42646
    48  - heroku container:push --recursive --arg argBasedVersion=${tag}heroku --arg CTF_ENABLED=true --arg HINTS_ENABLED=false --app wrongsecrets-ctf
     48 + heroku container:push --recursive --arg argBasedVersion=${tag}heroku,CTF_ENABLED=true,HINTS_ENABLED=false --app wrongsecrets-ctf
    49 49   heroku container:release web --app wrongsecrets-ctf
    50 50   exit
    51 51  }
    skipped 4 lines
    56 56   heroku container:login
    57 57   echo "heroku deployment to prod"
    58 58   cd ../..
    59  - heroku container:push --recursive --arg argBasedVersion=${tag}heroku --arg CANARY_URLS=http://canarytokens.com/feedback/images/traffic/tgy3epux7jm59n0ejb4xv4zg3/submit.aspx,http://canarytokens.com/traffic/cjldn0fsgkz97ufsr92qelimv/post.jsp --app=wrongsecrets
     59 + heroku container:push --recursive --arg argBasedVersion=${tag}heroku,CANARY_URLS=http://canarytokens.com/feedback/images/traffic/tgy3epux7jm59n0ejb4xv4zg3/submit.aspx,http://canarytokens.com/traffic/cjldn0fsgkz97ufsr92qelimv/post.jsp --app=wrongsecrets
    60 60   heroku container:release web --app=wrongsecrets
    61 61   exit
    62 62  }
    skipped 282 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/Challenge.java
    skipped 20 lines
    21 21   
    22 22   public abstract int difficulty();
    23 23   
     24 + public abstract String getTech();
     25 + 
    24 26   public boolean solved(String answer) {
    25 27   var correctAnswer = answerCorrect(answer);
    26 28   if (correctAnswer) {
    skipped 18 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/ChallengeUI.java
    skipped 37 lines
    38 38   return challengeNumber;
    39 39   }
    40 40   
     41 + public String getTech() {
     42 + return challenge.getTech();
     43 + }
     44 + 
    41 45   public Integer next() {
    42 46   return challengeNumber + 1;
    43 47   }
    skipped 36 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/ChallengesAPIController.java
    skipped 53 lines
    54 54   jsonChallenge.put("id", i);
    55 55   jsonChallenge.put("name", challenges.get(i).getName());
    56 56   jsonChallenge.put("key", challenges.get(i).getExplanation());
    57  - jsonChallenge.put("category", getCategory(challenges.get(i)));
     57 + jsonChallenge.put("category", getCategory(challenges.get(i)) + " - " + challenges.get(i).getTech());
    58 58   jsonChallenge.put("description", descriptions.get(i));
    59 59   jsonChallenge.put("hint", hints.get(i));
    60 60   jsonChallenge.put("solved", scoreCard.getChallengeCompleted(challenges.get(i).getChallenge()));
    skipped 64 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge10.java
    skipped 60 lines
    61 61   public int difficulty() {
    62 62   return 4;
    63 63   }
     64 + 
     65 + @Override
     66 + public String getTech() {
     67 + return "CSI-Driver";
     68 + }
    64 69  }
    65 70   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge11.java
    skipped 88 lines
    89 89   return 4;
    90 90   }
    91 91   
     92 + @Override
     93 + public String getTech() {
     94 + return "IAM Privilege escalation";
     95 + }
     96 + 
    92 97   private String getChallenge11Value(RuntimeEnvironment runtimeEnvironment) {
    93 98   if (runtimeEnvironment != null && runtimeEnvironment.getRuntimeEnvironment() != null) {
    94 99   return switch (runtimeEnvironment.getRuntimeEnvironment()) {
    skipped 83 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge9.java
    skipped 60 lines
    61 61   public int difficulty() {
    62 62   return 3;
    63 63   }
     64 + 
     65 + @Override
     66 + public String getTech() {
     67 + return "Terraform";
     68 + }
    64 69  }
    65 70   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge1.java
    skipped 37 lines
    38 38   public int difficulty() {
    39 39   return 1;
    40 40   }
     41 + 
     42 + @Override
     43 + public String getTech() {
     44 + return "Git";
     45 + }
    41 46  }
    42 47   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge12.java
    skipped 46 lines
    47 47   return 3;
    48 48   }
    49 49   
     50 + @Override
     51 + public String getTech() {
     52 + return "Docker";
     53 + }
     54 + 
    50 55   private String getActualData() {
    51 56   try {
    52 57   return Files.readString(Paths.get(dockerMountPath, "yourkey.txt"));
    skipped 7 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java
    skipped 52 lines
    53 53   return 3;
    54 54   }
    55 55   
     56 + @Override
     57 + public String getTech() {
     58 + return "CI/CD";
     59 + }
     60 + 
    56 61   private boolean isKeyCorrect(String base64EncodedKey) {
    57 62   if (Strings.isEmpty(base64EncodedKey) || Strings.isEmpty(plainText) || Strings.isEmpty(cipherText)) {
    58 63   log.info("Checking secret with values {}, {}, {}", base64EncodedKey, plainText, cipherText);
    skipped 26 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge14.java
    skipped 58 lines
    59 59   return 4;
    60 60   }
    61 61   
     62 + @Override
     63 + public String getTech() {
     64 + return "Password manager";
     65 + }
     66 + 
    62 67   private String findAnswer() {
    63 68   if (Strings.isEmpty(keepassxPassword)) {
    64 69   log.info("Checking secret with values {}", keepassxPassword);
    skipped 24 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge15.java
    skipped 53 lines
    54 54   return 2;
    55 55   }
    56 56   
     57 + @Override
     58 + public String getTech() {
     59 + return "Git";
     60 + }
     61 + 
    57 62   private String quickDecrypt(String cipherText) {
    58 63   try {
    59 64   final byte[] keyData = Base64.getDecoder().decode(encryptionKey);
    skipped 29 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge16.java
    skipped 46 lines
    47 47   return 3;
    48 48   }
    49 49   
     50 + @Override
     51 + public String getTech() {
     52 + return "Front-end";
     53 + }
     54 + 
    50 55   public String getActualData() {
    51 56   try {
    52 57   return Files.readString(Paths.get(dockerMountPath, "secondkey.txt"));
    skipped 7 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge17.java
    skipped 46 lines
    47 47   return 3;
    48 48   }
    49 49   
     50 + @Override
     51 + public String getTech() {
     52 + return "Docker";
     53 + }
     54 + 
    50 55   public String getActualData() {
    51 56   try {
    52 57   return Files.readString(Paths.get(dockerMountPath, "thirdkey.txt"));
    skipped 7 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge18.java
    skipped 69 lines
    70 70   public int difficulty() {
    71 71   return 5;
    72 72   }
     73 + 
     74 + @Override
     75 + public String getTech() {
     76 + return "Hashing";
     77 + }
    73 78  }
    74 79   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge19.java
    skipped 43 lines
    44 44   public int difficulty() {
    45 45   return 4;
    46 46   }
     47 + 
     48 + @Override
     49 + public String getTech() {
     50 + return "Binary";
     51 + }
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge2.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 1;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Git";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge20.java
    skipped 43 lines
    44 44   public int difficulty() {
    45 45   return 4;
    46 46   }
     47 + 
     48 + @Override
     49 + public String getTech() {
     50 + return "Binary";
     51 + }
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge21.java
    skipped 43 lines
    44 44   public int difficulty() {
    45 45   return 5;
    46 46   }
     47 + 
     48 + @Override
     49 + public String getTech() {
     50 + return "Binary";
     51 + }
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge22.java
    skipped 42 lines
    43 43   public int difficulty() {
    44 44   return 5;
    45 45   }
     46 + 
     47 + @Override
     48 + public String getTech() {
     49 + return "Binary";
     50 + }
    46 51  }
    47 52   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge3.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 1;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Docker";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge4.java
    skipped 43 lines
    44 44   return 2;
    45 45   }
    46 46   
     47 + @Override
     48 + public String getTech() {
     49 + return "Docker";
     50 + }
     51 + 
    47 52  }
    48 53   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge8.java
    skipped 49 lines
    50 50   return 2;
    51 51   }
    52 52   
     53 + @Override
     54 + public String getTech() {
     55 + return "Logging";
     56 + }
     57 + 
    53 58   private String generateRandomString(int length) {
    54 59   StringBuilder builder = new StringBuilder(length);
    55 60   for (int i = 0; i < length; i++) {
    skipped 6 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Challenge5.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 2;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Configmaps";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Challenge6.java
    skipped 41 lines
    42 42   public int difficulty() {
    43 43   return 2;
    44 44   }
     45 + 
     46 + @Override
     47 + public String getTech() {
     48 + return "Secrets";
     49 + }
    45 50  }
    46 51   
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Challenge7.java
    skipped 46 lines
    47 47   public int difficulty() {
    48 48   return 4;
    49 49   }
     50 + 
     51 + @Override
     52 + public String getTech() {
     53 + return "Vault";
     54 + }
    50 55  }
    51 56   
  • ■ ■ ■ ■ ■ ■
    src/main/resources/templates/welcome.html
    skipped 20 lines
    21 21   <thead>
    22 22   <tr>
    23 23   <th scope="col">#</th>
    24  - <th scope="col">Challenge &nbsp;&nbsp;&nbsp;&nbsp;</th>
    25  - <th scope="col" th:text="'Required environments (current: '+${environment}+')'"></th>
     24 + <th scope="col">Challenge&nbsp;&nbsp;&nbsp;</th>
     25 + <th scope="col">Focus&nbsp;&nbsp;&nbsp;</th>
     26 + <th scope="col" th:text="'Runs on environment (current: '+${environment}+')'"></th>
    26 27   </tr>
    27 28   </thead>
    28 29   <tbody>
    skipped 3 lines
    32 33   th:class="${challenge.isChallengeEnabled} ? '' : 'disabled'"><span
    33 34   th:text="${challenge.name}"
    34 35   th:remove="tag"></span></a></td>
     36 + <td th:text="${challenge.tech}"></td>
    35 37   <th:block th:if="${challenge.requiredEnv} == 'DOCKER'">
    36 38   <td>Docker</td>
    37 39   </th:block>
    38 40   <th:block th:if="${challenge.requiredEnv} == 'K8S'">
    39  - <td>Kubernetes or Minikube</td>
     41 + <td>K8s or Minikube</td>
    40 42   </th:block>
    41 43   <th:block th:if="${challenge.requiredEnv} == 'VAULT'">
    42  - <td>Kubernetes or Minikube with Vault</td>
     44 + <td>K8s or Minikube with Vault</td>
    43 45   </th:block>
    44 46   <th:block
    45 47   th:if="${challenge.requiredEnv} == 'AWS' or ${challenge.requiredEnv} == 'GCP'or ${challenge.requiredEnv} == 'AZURE'">
    skipped 103 lines
Please wait...
Page is in error, reload to recover