package org.owasp.wrongsecrets.ctftests;
import static org.hamcrest.CoreMatchers.not;
import static org.hamcrest.Matchers.containsString;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import org.junit.jupiter.api.Test;
import org.owasp.wrongsecrets.WrongSecretsApplication;
import org.owasp.wrongsecrets.challenges.kubernetes.Challenge5;
import org.owasp.wrongsecrets.challenges.kubernetes.Challenge6;
import org.owasp.wrongsecrets.challenges.kubernetes.Challenge7;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.webmvc.test.autoconfigure.AutoConfigureMockMvc;
import org.springframework.http.MediaType;
import org.springframework.test.web.servlet.MockMvc;
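/**
 * Integration tests for the challenge endpoints with CTF mode switched on and the Kubernetes and
 * Vault related values preset through Spring properties.
 *
 * <p>The tests check three things: the spoil endpoint does not reveal an answer in CTF mode, a
 * correct answer to challenges 5, 6 and 7 returns the expected flag string, and the start page does
 * not mark those challenges as disabled.
 *
 * <p>Every value in {@code properties} is a test fixture. NOTE(review): the expected flag strings
 * below presumably depend on {@code ctf_key} and have to be regenerated if it changes; the
 * derivation is not visible in this file, confirm against the controller.
 */
@SpringBootTest(
    properties = {
      "K8S_ENV=k8s_vault",
      "ctf_enabled=true",
      // Fixture key for this test context only; never reuse it for a real CTF deployment.
      "ctf_key=randomtextforkey",
      // Presumably the answers of challenges 5, 6 and 7; confirm against the challenge classes.
      "SPECIAL_K8S_SECRET=test5",
      "SPECIAL_SPECIAL_K8S_SECRET=test6",
      "vaultpassword=test7"
    },
    classes = WrongSecretsApplication.class)
@AutoConfigureMockMvc
class ChallengesControllerCTFModeWithPresetK8sAndVaultValuesTest {

  @Autowired private MockMvc mvc;
  @Autowired private Challenge5 challenge5;
  @Autowired private Challenge6 challenge6;
  @Autowired private Challenge7 challenge7;

  /**
   * The spoil endpoint must answer with the "disabled" notice instead of the answer.
   *
   * <p>Only the challenge-5 spoil route is exercised; the other challenges are not covered here.
   */
  @Test
  void shouldNotSpoilWhenInCTFMode() throws Exception {
    mvc.perform(get("/spoil/challenge-5"))
        .andExpect(status().isOk())
        .andExpect(content().string(containsString("Spoils are disabled in CTF mode")));
  }

  /** A correct answer to challenge 5 must return the expected flag string. */
  @Test
  void shouldShowFlagWhenRespondingWithSuccessInCTFModeChallenge5() throws Exception {
    assertFlagShown(
        "/challenge/challenge-5",
        challenge5.spoiler().solution(),
        "547778382f8a3782a46149021ab8af60");
  }

  /** A correct answer to challenge 6 must return the expected flag string. */
  @Test
  void shouldShowFlagWhenRespondingWithSuccessInCTFModeChallenge6() throws Exception {
    assertFlagShown(
        "/challenge/challenge-6",
        challenge6.spoiler().solution(),
        "97bae139e507e5a213b9be4cca3fcd30");
  }

  /** A correct answer to challenge 7 must return the expected flag string. */
  @Test
  void shouldShowFlagWhenRespondingWithSuccessInCTFModeChallenge7() throws Exception {
    assertFlagShown(
        "/challenge/challenge-7",
        challenge7.spoiler().solution(),
        "540ba4445c33850152b6b536df3020e3");
  }

  /** The start page must not carry the disabled-link marker for challenges 5, 6 and 7. */
  @Test
  void shouldEnableK8sAndVaultExercises() throws Exception {
    // The same marker form is used for all three challenges. These are negative substring
    // checks, so a longer needle (for example one with a trailing '>') would only make the
    // assertion easier to pass and could hide a disabled challenge.
    mvc.perform(get("/"))
        .andExpect(status().isOk())
        .andExpect(content().string(not(containsString("challenge 5_disabled-link"))))
        .andExpect(content().string(not(containsString("challenge 6_disabled-link"))))
        .andExpect(content().string(not(containsString("challenge 7_disabled-link"))));
  }

  /**
   * Posts {@code solution} to {@code path} as a URL-encoded form and asserts a 200 response whose
   * body contains {@code expectedFlag}.
   *
   * @param path challenge endpoint to post to
   * @param solution answer submitted in the {@code solution} form field
   * @param expectedFlag string that must appear in the response body
   * @throws Exception if the mock request fails
   */
  private void assertFlagShown(String path, String solution, String expectedFlag)
      throws Exception {
    mvc.perform(
            post(path)
                .contentType(MediaType.APPLICATION_FORM_URLENCODED)
                .param("solution", solution)
                .param("action", "submit")
                // A valid CSRF token is attached, so rejection of posts without a token is
                // not covered by these tests.
                .with(csrf()))
        .andExpect(status().isOk())
        .andExpect(content().string(containsString(expectedFlag)));
  }
}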