crash.software
Projects
Pull Requests
Issues
Builds
wrongsecrets
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY wrongsecrets Commits 3436daea
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    Dockerfile.web
    1  -FROM jeroenwillemsen/wrongsecrets:1.6.0-no-vault
    2  -ARG argBasedVersion="1.6.0-no-vault"
     1 +FROM jeroenwillemsen/wrongsecrets:1.6.1-no-vault
     2 +ARG argBasedVersion="1.6.1-no-vault"
    3 3  ARG CANARY_URLS="http://canarytokens.com/terms/about/s7cfbdakys13246ewd8ivuvku/post.jsp,http://canarytokens.com/terms/about/y0all60b627gzp19ahqh7rl6j/post.jsp"
    4 4  ARG CTF_ENABLED=false
    5 5  ARG HINTS_ENABLED=true
    skipped 28 lines
  • ■ ■ ■ ■ ■ ■
    README.md
    skipped 62 lines
    63 63   
    64 64  ## Basic docker exercises
    65 65   
    66  -_Can be used for challenges 1-4, 8, 12-27_
     66 +_Can be used for challenges 1-4, 8, 12-28_
    67 67   
    68 68  For the basic docker exercises you currently require:
    69 69   
    skipped 29 lines
    99 99  - [localhost:8080/challenge/25](http://localhost:8080/challenge/25)
    100 100  - [localhost:8080/challenge/26](http://localhost:8080/challenge/26)
    101 101  - [localhost:8080/challenge/27](http://localhost:8080/challenge/27)
     102 +- [localhost:8080/challenge/28](http://localhost:8080/challenge/28)
    102 103   
    103 104  Note that these challenges are still very basic, and so are their explanations. Feel free to file a PR to make them look
    104 105  better ;-).
    skipped 17 lines
    122 123   
    123 124  ## Basic K8s exercise
    124 125   
    125  -_Can be used for challenges 1-6, 8, 12-27_
     126 +_Can be used for challenges 1-6, 8, 12-28_
    126 127   
    127 128  ### Minikube based
    128 129   
    skipped 46 lines
    175 176   
    176 177  ## Vault exercises with minikube
    177 178   
    178  -_Can be used for challenges 1-8, 12-27_
     179 +_Can be used for challenges 1-8, 12-28_
    179 180  Make sure you have the following installed:
    180 181   
    181 182  - minikube with docker (or comment out line 8 and work at your own k8s setup),
    skipped 11 lines
    193 194   
    194 195  ## Cloud Challenges
    195 196   
    196  -_Can be used for challenges 1-27_
     197 +_Can be used for challenges 1-28_
    197 198   
    198 199  **READ THIS**: Given that the exercises below contain IAM privilege escalation exercises,
    199 200  never run this on an account which is related to your production environment or can influence your account-over-arching
    skipped 282 lines
  • ■ ■ ■ ■
    aws/k8s/secret-challenge-vault-deployment.yml
    skipped 40 lines
    41 41   volumeAttributes:
    42 42   secretProviderClass: "wrongsecrets-aws-secretsmanager"
    43 43   containers:
    44  - - image: jeroenwillemsen/wrongsecrets:1.6.0-k8s-vault
     44 + - image: jeroenwillemsen/wrongsecrets:1.6.1-k8s-vault
    45 45   imagePullPolicy: IfNotPresent
    46 46   name: secret-challenge
    47 47   securityContext:
    skipped 66 lines
  • ■ ■ ■ ■
    azure/k8s/secret-challenge-vault-deployment.yml.tpl
    skipped 40 lines
    41 41   volumeAttributes:
    42 42   secretProviderClass: "azure-wrongsecrets-vault"
    43 43   containers:
    44  - - image: jeroenwillemsen/wrongsecrets:1.6.0-k8s-vault
     44 + - image: jeroenwillemsen/wrongsecrets:1.6.1-k8s-vault
    45 45   imagePullPolicy: IfNotPresent
    46 46   name: secret-challenge
    47 47   securityContext:
    skipped 76 lines
  • ■ ■ ■ ■
    fly.toml
    skipped 8 lines
    9 9   dockerfile = "Dockerfile"
    10 10   
    11 11  [build.args]
    12  - argBasedVersion="1.6.0"
     12 + argBasedVersion="1.6.1"
    13 13   spring_profile="without-vault"
    14 14   
    15 15  [env]
    skipped 33 lines
  • ■ ■ ■ ■
    gcp/k8s/secret-challenge-vault-deployment.yml.tpl
    skipped 38 lines
    39 39   volumeAttributes:
    40 40   secretProviderClass: "wrongsecrets-gcp-secretsmanager"
    41 41   containers:
    42  - - image: jeroenwillemsen/wrongsecrets:1.6.0-k8s-vault
     42 + - image: jeroenwillemsen/wrongsecrets:1.6.1-k8s-vault
    43 43   imagePullPolicy: IfNotPresent
    44 44   name: secret-challenge
    45 45   ports:
    skipped 70 lines
  • ■ ■ ■ ■
    k8s/secret-challenge-deployment.yml
    skipped 27 lines
    28 28   runAsGroup: 2000
    29 29   fsGroup: 2000
    30 30   containers:
    31  - - image: jeroenwillemsen/wrongsecrets:1.6.0-no-vault
     31 + - image: jeroenwillemsen/wrongsecrets:1.6.1-no-vault
    32 32   imagePullPolicy: IfNotPresent
    33 33   name: secret-challenge
    34 34   ports:
    skipped 62 lines
  • ■ ■ ■ ■
    k8s/secret-challenge-vault-deployment.yml
    skipped 29 lines
    30 30   runAsNonRoot: true
    31 31   serviceAccountName: vault
    32 32   containers:
    33  - - image: jeroenwillemsen/wrongsecrets:1.6.0-k8s-vault
     33 + - image: jeroenwillemsen/wrongsecrets:1.6.1-k8s-vault
    34 34   imagePullPolicy: IfNotPresent
    35 35   name: secret-challenge
    36 36   securityContext:
    skipped 66 lines
  • ■ ■ ■ ■
    okteto/k8s/secret-challenge-ctf-deployment.yml
    skipped 27 lines
    28 28   runAsGroup: 2000
    29 29   fsGroup: 2000
    30 30   containers:
    31  - - image: jeroenwillemsen/wrongsecrets:1.6.0-no-vault
     31 + - image: jeroenwillemsen/wrongsecrets:1.6.1-no-vault
    32 32   name: secret-challenge-ctf
    33 33   imagePullPolicy: IfNotPresent
    34 34   securityContext:
    skipped 82 lines
  • ■ ■ ■ ■
    okteto/k8s/secret-challenge-deployment.yml
    skipped 27 lines
    28 28   runAsGroup: 2000
    29 29   fsGroup: 2000
    30 30   containers:
    31  - - image: jeroenwillemsen/wrongsecrets:1.6.0-no-vault
     31 + - image: jeroenwillemsen/wrongsecrets:1.6.1-no-vault
    32 32   name: secret-challenge
    33 33   imagePullPolicy: IfNotPresent
    34 34   securityContext:
    skipped 66 lines
Please wait...
Page is in error, reload to recover