crash.software
Projects
Pull Requests
Issues
Builds
wrongsecrets
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY wrongsecrets Commits 6459b7f2
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge11.java
    skipped 136 lines
    137 137   .build();
    138 138   
    139 139   AssumeRoleWithWebIdentityResponse tokenResponse = stsClient.assumeRoleWithWebIdentity(webIdentityRequest);
    140  - log.info("The token value is " + tokenResponse.credentials().sessionToken());
     140 + //log.debug("The token value is " + tokenResponse.credentials().sessionToken());
    141 141   SsmClient ssmClient = SsmClient.builder()
    142 142   .region(Region.of(awsRegion))
    143 143   .credentialsProvider(StsAssumeRoleWithWebIdentityCredentialsProvider.builder()
    skipped 6 lines
    150 150   .withDecryption(true)
    151 151   .build();
    152 152   GetParameterResponse parameterResponse = ssmClient.getParameter(parameterRequest);
    153  - log.info("The parameter value is " + parameterResponse.parameter().value());
     153 + //log.debug("The parameter value is " + parameterResponse.parameter().value());
    154 154   ssmClient.close();
    155 155   return parameterResponse.parameter().value();
    156 156   } catch (StsException e) {
    skipped 31 lines
    188 188   
    189 189   private String getAzureChallenge11Value() {
    190 190   if (isAzure()) {
    191  - log.info(String.format("Using Azure Key Vault URI: %s", azureVaultUri));
     191 + //log.debug(String.format("Using Azure Key Vault URI: %s", azureVaultUri));
    192 192   return azureWrongSecret3;
    193 193   }
    194 194   log.error("Fetching secret from Azure did not work, returning default");
    skipped 9 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge12.java
    skipped 38 lines
    39 39   
    40 40   @Override
    41 41   public boolean answerCorrect(String answer) {
    42  - log.info("challenge 12, actualdata: {}, answer: {}", getActualData(), answer);
     42 + //log.debug("challenge 12, actualdata: {}, answer: {}", getActualData(), answer);
    43 43   return getActualData().equals(answer);
    44 44   }
    45 45   
    skipped 31 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java
    skipped 70 lines
    71 71   
    72 72   private boolean isKeyCorrect(String base64EncodedKey) {
    73 73   if (Strings.isEmpty(base64EncodedKey) || Strings.isEmpty(plainText) || Strings.isEmpty(cipherText)) {
    74  - log.info("Checking secret with values {}, {}, {}", base64EncodedKey, plainText, cipherText);
     74 + //log.debug("Checking secret with values {}, {}, {}", base64EncodedKey, plainText, cipherText);
    75 75   return false;
    76 76   }
    77 77   
    skipped 24 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge14.java
    skipped 76 lines
    77 77   
    78 78   private String findAnswer() {
    79 79   if (Strings.isEmpty(keepassxPassword)) {
    80  - log.info("Checking secret with values {}", keepassxPassword);
     80 + //log.debug("Checking secret with values {}", keepassxPassword);
    81 81   return defaultKeepassValue;
    82 82   }
    83 83   KdbxCreds creds = new KdbxCreds(keepassxPassword.getBytes());
    skipped 11 lines
    95 95   
    96 96   private boolean isanswerCorrectInKeeyPassx(String answer) {
    97 97   if (Strings.isEmpty(keepassxPassword) || Strings.isEmpty(answer)) {
    98  - log.info("Checking secret with values {}, {}", keepassxPassword, answer);
     98 + //log.debug("Checking secret with values {}, {}", keepassxPassword, answer);
    99 99   return false;
    100 100   }
    101 101   return answer.equals(findAnswer());
    skipped 4 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge16.java
    skipped 38 lines
    39 39   
    40 40   @Override
    41 41   public boolean answerCorrect(String answer) {
    42  - log.info("challenge 16, actualdata: {}, answer: {}", getActualData(), answer);
     42 + //log.debug("challenge 16, actualdata: {}, answer: {}", getActualData(), answer);
    43 43   return getActualData().equals(answer);
    44 44   }
    45 45   
    skipped 30 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge17.java
    skipped 38 lines
    39 39   
    40 40   @Override
    41 41   public boolean answerCorrect(String answer) {
    42  - log.info("challenge 17, actualdata: {}, answer: {}", getActualData(), answer);
     42 + //log.debug("challenge 17, actualdata: {}, answer: {}", getActualData(), answer);
    43 43   return getActualData().equals(answer);
    44 44   }
    45 45   
    skipped 30 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge23.java
    skipped 29 lines
    30 30   
    31 31   @Override
    32 32   public boolean answerCorrect(String answer) {
    33  - log.info("challenge 23, actualdata: {}, answer: {}", getActualData(), answer);
     33 + //log.debug("challenge 23, actualdata: {}, answer: {}", getActualData(), answer);
    34 34   return getActualData().equals(answer);
    35 35   }
    36 36   
    skipped 31 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge24.java
    skipped 1 lines
    2 2   
    3 3   
    4 4  import lombok.extern.slf4j.Slf4j;
     5 +import org.bouncycastle.util.encoders.Hex;
    5 6  import org.owasp.wrongsecrets.RuntimeEnvironment;
    6 7  import org.owasp.wrongsecrets.ScoreCard;
    7 8  import org.owasp.wrongsecrets.challenges.Challenge;
    skipped 2 lines
    10 11  import org.springframework.core.annotation.Order;
    11 12  import org.springframework.stereotype.Component;
    12 13   
     14 +import java.nio.charset.StandardCharsets;
    13 15  import java.util.List;
    14 16   
    15 17  @Slf4j
    skipped 17 lines
    33 35   
    34 36   @Override
    35 37   public boolean answerCorrect(String answer) {
    36  - log.info("challenge 24, actualdata: {}, answer: {}", getActualData(), answer);
     38 + //log.debug("challenge 24, actualdata: {}, answer: {}", getActualData(), answer);
    37 39   return getActualData().equals(answer);
    38 40   }
    39 41   
    skipped 18 lines
    58 60   }
    59 61   
    60 62   public String getActualData() {
    61  - return "00010203 04050607 08090A0B 0C0D0E0F 10111213 14151617 18191A1B 1C1D1E1F 20212223 24252627 28292A2B 2C2D2E2F 30313233 34353637 38393A3B 3C3D3E3F";
     63 + return new String(Hex.decode("3030303130323033203034303530363037203038303930413042203043304430453046203130313131323133203134313531363137203138313931413142203143314431453146203230323132323233203234323532363237203238323932413242203243324432453246203330333133323333203334333533363337203338333933413342203343334433453346".getBytes(StandardCharsets.UTF_8)));
    62 64   
    63 65   }
    64 66  }
    skipped 1 lines
  • ■ ■ ■ ■ ■
    src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge24Test.java
    1 1  package org.owasp.wrongsecrets.challenges.docker;
    2 2   
    3 3  import org.assertj.core.api.Assertions;
     4 +import org.bouncycastle.util.encoders.Hex;
    4 5  import org.junit.jupiter.api.Test;
    5 6  import org.junit.jupiter.api.extension.ExtendWith;
    6 7  import org.mockito.Mock;
    7 8  import org.mockito.Mockito;
    8 9  import org.mockito.junit.jupiter.MockitoExtension;
    9 10  import org.owasp.wrongsecrets.ScoreCard;
     11 + 
     12 +import java.nio.charset.StandardCharsets;
    10 13   
    11 14  @ExtendWith(MockitoExtension.class)
    12 15  class Challenge24Test {
    skipped 5 lines
    18 21   @Test
    19 22   void rightAnswerShouldSolveChallenge() {
    20 23   var challenge = new Challenge24(scoreCard);
    21  - 
    22 24   Assertions.assertThat(challenge.solved(challenge.spoiler().solution())).isTrue();
    23 25   Mockito.verify(scoreCard).completeChallenge(challenge);
    24 26   }
    skipped 5 lines
Please wait...
Page is in error, reload to recover