Skip to content

Commit

Permalink
Merge branch 'master' into fix/Issue812
Browse files Browse the repository at this point in the history
  • Loading branch information
@Shubham-Patel07
Shubham-Patel07 authored Dec 13, 2024
2 parents 2721de2 + 843c44d commit 8b110a8
Show file tree
Hide file tree
Showing 28 changed files with 222 additions and 195 deletions.
2 changes: 1 addition & 1 deletion .github/scripts/.bash_history
View file
Original file line number Diff line number Diff line change
Expand Up @@ -347,7 +347,7 @@ rm -rf jdk-18_linux-x64_bin.deb
git rebase -i main
git rebase -i master
git stash
export tempPassword="uzsmJV29aLxsikOElqENg9O2dUkuY6Q4zg6ysYaO4HE="
export tempPassword="QA4+PZIWSubBOhJEf+leCo+S4vlCY9/W8Nl+bxilvkE="
mvn run tempPassword
k6
npx k6
Expand Down
6 changes: 3 additions & 3 deletions .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,11 @@ ci:
submodules: false
repos:
- repo: https://github.com/renovatebot/pre-commit-hooks
rev: 39.17.1
rev: 39.60.0
hooks:
- id: renovate-config-validator
- repo: https://github.com/eslint/eslint
rev: v9.15.0
rev: v9.16.0
hooks:
- id: eslint
args:
Expand Down Expand Up @@ -46,7 +46,7 @@ repos:
- "--args=--only=terraform_workspace_remote"
- id: terraform_docs
- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
rev: v9.18.0
rev: v9.19.0
hooks:
- id: commitlint
stages: [commit-msg]
Expand Down
5 changes: 3 additions & 2 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
FROM eclipse-temurin:23.0.1_11-jre-alpine

ARG argBasedPassword="default"
ARG argBasedVersion="1.8.5"
ARG argBasedVersion="1.10.0"
ARG spring_profile=""
ENV SPRING_PROFILES_ACTIVE=$spring_profile
ENV ARG_BASED_PASSWORD=$argBasedPassword
Expand All @@ -17,14 +17,15 @@ RUN echo "$argBasedPassword"

RUN apk add --no-cache libstdc++ icu-libs


# Create the /app directory
RUN mkdir -p /app

# Use a separate RUN command for --mount
RUN --mount=type=secret,id=mysecret \
cat /run/secrets/mysecret > /app/secret.txt

#RUN useradd -u 2000 -m wrongsecrets

RUN adduser -u 2000 -D wrongsecrets
USER wrongsecrets

Expand Down
4 changes: 2 additions & 2 deletions Dockerfile.web
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
FROM jeroenwillemsen/wrongsecrets:1.9.2-no-vault
ARG argBasedVersion="1.9.2-no-vault"
FROM jeroenwillemsen/wrongsecrets:1.10.0-no-vault
ARG argBasedVersion="1.10.0-no-vault"
ARG CANARY_URLS="http://canarytokens.com/terms/about/s7cfbdakys13246ewd8ivuvku/post.jsp,http://canarytokens.com/terms/about/y0all60b627gzp19ahqh7rl6j/post.jsp"
ARG CTF_ENABLED=false
ARG HINTS_ENABLED=true
Expand Down
13 changes: 7 additions & 6 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to _not_ store secrets in your software. Each of these examples is captured in a challenge, which you need to solve using various tools and techniques. Solving these challenges will help you recognize common mistakes & can help you to reflect on your own secrets management strategy.

Can you solve all the 50 challenges?
Can you solve all the 51 challenges?

Try some of them on [our Heroku demo environment](https://wrongsecrets.herokuapp.com/).

Expand Down Expand Up @@ -74,7 +74,7 @@ Copyright (c) 2020-2024 Jeroen Willemsen and WrongSecrets contributors.

## Basic docker exercises

_Can be used for challenges 1-4, 8, 12-32, 34, 35-43, 49-50_
_Can be used for challenges 1-4, 8, 12-32, 34, 35-43, 49-51_

For the basic docker exercises you currently require:

Expand Down Expand Up @@ -125,8 +125,9 @@ Now you can try to find the secrets by means of solving the challenge offered at
- [localhost:8080/challenge/challenge-41](http://localhost:8080/challenge/challenge-41)
- [localhost:8080/challenge/challenge-42](http://localhost:8080/challenge/challenge-42)
- [localhost:8080/challenge/challenge-43](http://localhost:8080/challenge/challenge-43)
- [localhost:8080/challenge/challenge-43](http://localhost:8080/challenge/challenge-49)
- [localhost:8080/challenge/challenge-43](http://localhost:8080/challenge/challenge-50)
- [localhost:8080/challenge/challenge-49](http://localhost:8080/challenge/challenge-49)
- [localhost:8080/challenge/challenge-50](http://localhost:8080/challenge/challenge-50)
- [localhost:8080/challenge/challenge-51](http://localhost:8080/challenge/challenge-51)

Note that these challenges are still very basic, and so are their explanations. Feel free to file a PR to make them look
better ;-).
Expand Down Expand Up @@ -154,7 +155,7 @@ If you want to host WrongSecrets on Railway, you can do so by deploying [this on

## Basic K8s exercise

_Can be used for challenges 1-6, 8, 12-43, 48-50_
_Can be used for challenges 1-6, 8, 12-43, 48-51_

### Minikube based

Expand Down Expand Up @@ -247,7 +248,7 @@ This is because if you run the start script again it will replace the secret in

## Cloud Challenges

_Can be used for challenges 1-50_
_Can be used for challenges 1-51_

**READ THIS**: Given that the exercises below contain IAM privilege escalation exercises,
never run this on an account which is related to your production environment or can influence your account-over-arching
Expand Down
8 changes: 4 additions & 4 deletions aws/go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,13 +72,13 @@ require (
go.opentelemetry.io/otel/sdk v1.32.0 // indirect
go.opentelemetry.io/otel/sdk/metric v1.32.0 // indirect
go.opentelemetry.io/otel/trace v1.32.0 // indirect
golang.org/x/crypto v0.29.0 // indirect
golang.org/x/crypto v0.31.0 // indirect
golang.org/x/mod v0.22.0 // indirect
golang.org/x/net v0.31.0 // indirect
golang.org/x/oauth2 v0.24.0 // indirect
golang.org/x/sync v0.9.0 // indirect
golang.org/x/sys v0.27.0 // indirect
golang.org/x/text v0.20.0 // indirect
golang.org/x/sync v0.10.0 // indirect
golang.org/x/sys v0.28.0 // indirect
golang.org/x/text v0.21.0 // indirect
golang.org/x/time v0.8.0 // indirect
golang.org/x/tools v0.27.0 // indirect
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
Expand Down
8 changes: 8 additions & 0 deletions aws/go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -608,6 +608,8 @@ golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
Expand Down Expand Up @@ -751,6 +753,8 @@ golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
Expand Down Expand Up @@ -821,6 +825,8 @@ golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
Expand All @@ -843,6 +849,8 @@ golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
Expand Down
2 changes: 1 addition & 1 deletion aws/k8s-aws-alb-script.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ fi
ACCOUNT_ID=$(aws sts get-caller-identity | jq '.Account' -r)
echo "ACCOUNT_ID=${ACCOUNT_ID}"

LBC_VERSION="v2.10.0"
LBC_VERSION="v2.10.1"
echo "LBC_VERSION=$LBC_VERSION"

# echo "executing eksctl utils associate-iam-oidc-provider"
Expand Down
2 changes: 1 addition & 1 deletion aws/k8s/secret-challenge-vault-deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ spec:
volumeAttributes:
secretProviderClass: "wrongsecrets-aws-secretsmanager"
containers:
- image: jeroenwillemsen/wrongsecrets:1.9.2-k8s-vault
- image: jeroenwillemsen/wrongsecrets:1.10.0-k8s-vault
imagePullPolicy: IfNotPresent
name: secret-challenge
command: [ "/bin/sh" ]
Expand Down
8 changes: 4 additions & 4 deletions azure/go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,13 +72,13 @@ require (
go.opentelemetry.io/otel/sdk v1.32.0 // indirect
go.opentelemetry.io/otel/sdk/metric v1.32.0 // indirect
go.opentelemetry.io/otel/trace v1.32.0 // indirect
golang.org/x/crypto v0.29.0 // indirect
golang.org/x/crypto v0.31.0 // indirect
golang.org/x/mod v0.22.0 // indirect
golang.org/x/net v0.31.0 // indirect
golang.org/x/oauth2 v0.24.0 // indirect
golang.org/x/sync v0.9.0 // indirect
golang.org/x/sys v0.27.0 // indirect
golang.org/x/text v0.20.0 // indirect
golang.org/x/sync v0.10.0 // indirect
golang.org/x/sys v0.28.0 // indirect
golang.org/x/text v0.21.0 // indirect
golang.org/x/time v0.8.0 // indirect
golang.org/x/tools v0.27.0 // indirect
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
Expand Down
8 changes: 8 additions & 0 deletions azure/go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -608,6 +608,8 @@ golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
Expand Down Expand Up @@ -751,6 +753,8 @@ golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
Expand Down Expand Up @@ -821,6 +825,8 @@ golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
Expand All @@ -843,6 +849,8 @@ golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
Expand Down
2 changes: 1 addition & 1 deletion azure/k8s/secret-challenge-vault-deployment.yml.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ spec:
volumeAttributes:
secretProviderClass: "azure-wrongsecrets-vault"
containers:
- image: jeroenwillemsen/wrongsecrets:1.9.2-k8s-vault
- image: jeroenwillemsen/wrongsecrets:1.10.0-k8s-vault
imagePullPolicy: IfNotPresent
name: secret-challenge
command: ["/bin/sh"]
Expand Down
1 change: 1 addition & 0 deletions config/zap/rule-config.tsv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,4 @@
90003 IGNORE Sub Resource Integrity Attribute Missing
10094 IGNORE Base64 Disclosure
90005 IGNORE Sec-Fetch-Dest Header is Missing
10003 IGNORE Vulnerable JS Library
2 changes: 1 addition & 1 deletion fly.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ app = "wrongsecrets"
primary_region = "ams"

[build]
image = "docker.io/jeroenwillemsen/wrongsecrets:1.9.2-no-vault"
image = "docker.io/jeroenwillemsen/wrongsecrets:1.10.0-no-vault"

[env]
K8S_ENV = "Fly(Docker)"
Expand Down
8 changes: 4 additions & 4 deletions gcp/go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,13 +72,13 @@ require (
go.opentelemetry.io/otel/sdk v1.32.0 // indirect
go.opentelemetry.io/otel/sdk/metric v1.32.0 // indirect
go.opentelemetry.io/otel/trace v1.32.0 // indirect
golang.org/x/crypto v0.29.0 // indirect
golang.org/x/crypto v0.31.0 // indirect
golang.org/x/mod v0.22.0 // indirect
golang.org/x/net v0.31.0 // indirect
golang.org/x/oauth2 v0.24.0 // indirect
golang.org/x/sync v0.9.0 // indirect
golang.org/x/sys v0.27.0 // indirect
golang.org/x/text v0.20.0 // indirect
golang.org/x/sync v0.10.0 // indirect
golang.org/x/sys v0.28.0 // indirect
golang.org/x/text v0.21.0 // indirect
golang.org/x/time v0.8.0 // indirect
golang.org/x/tools v0.27.0 // indirect
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
Expand Down
8 changes: 8 additions & 0 deletions gcp/go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -608,6 +608,8 @@ golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
Expand Down Expand Up @@ -751,6 +753,8 @@ golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
Expand Down Expand Up @@ -821,6 +825,8 @@ golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
Expand All @@ -843,6 +849,8 @@ golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
Expand Down
2 changes: 1 addition & 1 deletion gcp/k8s/secret-challenge-vault-deployment.yml.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ spec:
volumeAttributes:
secretProviderClass: "wrongsecrets-gcp-secretsmanager"
containers:
- image: jeroenwillemsen/wrongsecrets:1.9.2-k8s-vault
- image: jeroenwillemsen/wrongsecrets:1.10.0-k8s-vault
imagePullPolicy: IfNotPresent
name: secret-challenge
command: ["/bin/sh"]
Expand Down
2 changes: 1 addition & 1 deletion js/index.js
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@

function secret() {
var password = "MgvPITU=" + 9 + "+EVD" + 6 + "1wg=" + 2 + "GaRN" + 7;
var password = "an3UzRg=" + 9 + "vrR9" + 6 + "KSs=" + 2 + "ARBN" + 7;
return password;
}
2 changes: 1 addition & 1 deletion k8s/secret-challenge-deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ spec:
runAsGroup: 2000
fsGroup: 2000
containers:
- image: jeroenwillemsen/wrongsecrets:1.9.2-no-vault
- image: jeroenwillemsen/wrongsecrets:1.10.0-no-vault
imagePullPolicy: IfNotPresent
name: secret-challenge
ports:
Expand Down
2 changes: 1 addition & 1 deletion k8s/secret-challenge-vault-deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ spec:
type: RuntimeDefault
serviceAccountName: vault
containers:
- image: jeroenwillemsen/wrongsecrets:1.9.2-k8s-vault
- image: jeroenwillemsen/wrongsecrets:1.10.0-k8s-vault
imagePullPolicy: IfNotPresent
name: secret-challenge
command: ["/bin/sh"]
Expand Down
2 changes: 1 addition & 1 deletion okteto/k8s/secret-challenge-ctf-deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ spec:
runAsGroup: 2000
fsGroup: 2000
containers:
- image: jeroenwillemsen/wrongsecrets:1.9.2-no-vault
- image: jeroenwillemsen/wrongsecrets:1.10.0-no-vault
name: secret-challenge-ctf
imagePullPolicy: IfNotPresent
securityContext:
Expand Down
2 changes: 1 addition & 1 deletion okteto/k8s/secret-challenge-deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ spec:
runAsGroup: 2000
fsGroup: 2000
containers:
- image: jeroenwillemsen/wrongsecrets:1.9.2-no-vault
- image: jeroenwillemsen/wrongsecrets:1.10.0-no-vault
name: secret-challenge
imagePullPolicy: IfNotPresent
securityContext:
Expand Down
Loading

0 comments on commit 8b110a8

Please sign in to comment.