Merge pull request #1961 from OWASP/cached_answers

start of putting all challenges to cached answers

Author: commjoen

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge19.java

@@ -1,34 +1,21 @@
 package org.owasp.wrongsecrets.challenges.docker;
 
 import lombok.extern.slf4j.Slf4j;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.MuslDetectorImpl;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about finding a secret hardcoded in a C binary. */
 @Slf4j
 @Component
-public class Challenge19 implements Challenge {
+public class Challenge19 extends FixedAnswerChallenge {
 
-  private final BinaryExecutionHelper binaryExecutionHelper;
-
-  public Challenge19() {
-    this.binaryExecutionHelper = new BinaryExecutionHelper(19, new MuslDetectorImpl());
-  }
-
-  /** {@inheritDoc} */
   @Override
-  public Spoiler spoiler() {
-    return new Spoiler(binaryExecutionHelper.executeCommand("", "wrongsecrets-c"));
-  }
+  public String getAnswer() {
 
-  /** {@inheritDoc} */
-  @Override
-  public boolean answerCorrect(String answer) {
-    return binaryExecutionHelper
-        .executeCommand(answer, "wrongsecrets-c")
-        .equals("This is correct! Congrats!");
+    BinaryExecutionHelper binaryExecutionHelper =
+        new BinaryExecutionHelper(19, new MuslDetectorImpl());
+    return binaryExecutionHelper.executeCommand("", "wrongsecrets-c");
   }
 }

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge20.java

@@ -1,34 +1,20 @@
 package org.owasp.wrongsecrets.challenges.docker;
 
 import lombok.extern.slf4j.Slf4j;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.MuslDetectorImpl;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about finding a secret hardcoded in a C++ binary. */
 @Slf4j
 @Component
-public class Challenge20 implements Challenge {
+public class Challenge20 extends FixedAnswerChallenge {
 
-  private final BinaryExecutionHelper binaryExecutionHelper;
-
-  public Challenge20() {
-    this.binaryExecutionHelper = new BinaryExecutionHelper(20, new MuslDetectorImpl());
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public Spoiler spoiler() {
-    return new Spoiler(binaryExecutionHelper.executeCommand("", "wrongsecrets-cplus"));
-  }
-
-  /** {@inheritDoc} */
   @Override
-  public boolean answerCorrect(String answer) {
-    return binaryExecutionHelper
-        .executeCommand(answer, "wrongsecrets-cplus")
-        .equals("This is correct! Congrats!");
+  public String getAnswer() {
+    BinaryExecutionHelper binaryExecutionHelper =
+        new BinaryExecutionHelper(20, new MuslDetectorImpl());
+    return binaryExecutionHelper.executeCommand("", "wrongsecrets-cplus");
   }
 }

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge21.java

@@ -1,32 +1,20 @@
 package org.owasp.wrongsecrets.challenges.docker;
 
 import lombok.extern.slf4j.Slf4j;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.MuslDetectorImpl;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about finding a secret hardcoded in a Golang binary. */
 @Slf4j
 @Component
-public class Challenge21 implements Challenge {
+public class Challenge21 extends FixedAnswerChallenge {
 
-  private final BinaryExecutionHelper binaryExecutionHelper;
-
-  public Challenge21() {
-    this.binaryExecutionHelper = new BinaryExecutionHelper(21, new MuslDetectorImpl());
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public Spoiler spoiler() {
-    return new Spoiler(binaryExecutionHelper.executeGoCommand(""));
-  }
-
-  /** {@inheritDoc} */
   @Override
-  public boolean answerCorrect(String answer) {
-    return binaryExecutionHelper.executeGoCommand(answer).equals("This is correct! Congrats!");
+  public String getAnswer() {
+    BinaryExecutionHelper binaryExecutionHelper =
+        new BinaryExecutionHelper(21, new MuslDetectorImpl());
+    return binaryExecutionHelper.executeGoCommand("");
   }
 }

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge22.java

@@ -1,34 +1,20 @@
 package org.owasp.wrongsecrets.challenges.docker;
 
 import lombok.extern.slf4j.Slf4j;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.MuslDetectorImpl;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about finding a secret hardcoded in a Rust binary. */
 @Slf4j
 @Component
-public class Challenge22 implements Challenge {
+public class Challenge22 extends FixedAnswerChallenge {
 
-  private final BinaryExecutionHelper binaryExecutionHelper;
-
-  public Challenge22() {
-    this.binaryExecutionHelper = new BinaryExecutionHelper(22, new MuslDetectorImpl());
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public Spoiler spoiler() {
-    return new Spoiler(binaryExecutionHelper.executeCommand("", "wrongsecrets-rust"));
-  }
-
-  /** {@inheritDoc} */
   @Override
-  public boolean answerCorrect(String answer) {
-    return binaryExecutionHelper
-        .executeCommand(answer, "wrongsecrets-rust")
-        .equals("This is correct! Congrats!");
+  public String getAnswer() {
+    BinaryExecutionHelper binaryExecutionHelper =
+        new BinaryExecutionHelper(20, new MuslDetectorImpl());
+    return binaryExecutionHelper.executeCommand("", "wrongsecrets-rust");
   }
 }

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge25.java

@@ -10,32 +10,23 @@
 import javax.crypto.spec.SecretKeySpec;
 import lombok.extern.slf4j.Slf4j;
 import org.bouncycastle.util.encoders.Base64;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about finding a secret hardcoded in a web3 contract. */
 @Slf4j
 @Component
-public class Challenge25 implements Challenge {
+public class Challenge25 extends FixedAnswerChallenge {
   private final String cipherText;
 
   public Challenge25(@Value("${challenge25ciphertext}") String cipherText) {
     this.cipherText = cipherText;
   }
 
-  /** {@inheritDoc} */
   @Override
-  public Spoiler spoiler() {
-    return new Spoiler(quickDecrypt(cipherText));
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public boolean answerCorrect(String answer) {
-    String correctString = quickDecrypt(cipherText);
-    return answer.equals(correctString) && !DECRYPTION_ERROR.equals(correctString);
+  public String getAnswer() {
+    return quickDecrypt(cipherText);
   }
 
   private String quickDecrypt(String cipherText) {

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge26.java

@@ -10,32 +10,23 @@
 import javax.crypto.spec.SecretKeySpec;
 import lombok.extern.slf4j.Slf4j;
 import org.bouncycastle.util.encoders.Base64;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about finding a secret hardcoded in a web3 contract. */
 @Slf4j
 @Component
-public class Challenge26 implements Challenge {
+public class Challenge26 extends FixedAnswerChallenge {
   private final String cipherText;
 
   public Challenge26(@Value("${challenge26ciphertext}") String cipherText) {
     this.cipherText = cipherText;
   }
 
-  /** {@inheritDoc} */
   @Override
-  public Spoiler spoiler() {
-    return new Spoiler(quickDecrypt(cipherText));
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public boolean answerCorrect(String answer) {
-    String correctString = quickDecrypt(cipherText);
-    return answer.equals(correctString) && !DECRYPTION_ERROR.equals(answer);
+  public String getAnswer() {
+    return quickDecrypt(cipherText);
   }
 
   private String quickDecrypt(String cipherText) {

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge27.java

@@ -10,32 +10,23 @@
 import javax.crypto.spec.SecretKeySpec;
 import lombok.extern.slf4j.Slf4j;
 import org.bouncycastle.util.encoders.Base64;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about finding a secret hardcoded in a web3 contract based on hashing. */
 @Slf4j
 @Component
-public class Challenge27 implements Challenge {
+public class Challenge27 extends FixedAnswerChallenge {
   private final String cipherText;
 
   public Challenge27(@Value("${challenge27ciphertext}") String cipherText) {
     this.cipherText = cipherText;
   }
 
-  /** {@inheritDoc} */
   @Override
-  public Spoiler spoiler() {
-    return new Spoiler(quickDecrypt(cipherText));
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public boolean answerCorrect(String answer) {
-    String correctString = quickDecrypt(cipherText);
-    return answer.equals(correctString) && !DECRYPTION_ERROR.equals(answer);
+  public String getAnswer() {
+    return quickDecrypt(cipherText);
   }
 
   private String quickDecrypt(String cipherText) {

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge36.java

@@ -1,8 +1,7 @@
 package org.owasp.wrongsecrets.challenges.docker;
 
 import lombok.extern.slf4j.Slf4j;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.MuslDetectorImpl;
 import org.springframework.stereotype.Component;
@@ -12,24 +11,12 @@
  */
 @Slf4j
 @Component
-public class Challenge36 implements Challenge {
-  private final BinaryExecutionHelper binaryExecutionHelper;
-  private String executable;
-
-  public Challenge36() {
-    this.executable = "wrongsecrets-advanced-c";
-    this.binaryExecutionHelper = new BinaryExecutionHelper(36, new MuslDetectorImpl());
-  }
-
-  @Override
-  public Spoiler spoiler() {
-    return new Spoiler(binaryExecutionHelper.executeCommand("spoil", executable));
-  }
+public class Challenge36 extends FixedAnswerChallenge {
 
   @Override
-  public boolean answerCorrect(String answer) {
-    return binaryExecutionHelper
-        .executeCommand(answer, executable)
-        .equals("This is correct! Congrats!");
+  public String getAnswer() {
+    BinaryExecutionHelper binaryExecutionHelper =
+        new BinaryExecutionHelper(36, new MuslDetectorImpl());
+    return binaryExecutionHelper.executeCommand("spoil", "wrongsecrets-advanced-c");
   }
 }

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge4.java

@@ -1,13 +1,12 @@
 package org.owasp.wrongsecrets.challenges.docker;
 
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
 /** This challenge is about having a secrets stored as a Docker ARG var. */
 @Component
-public class Challenge4 implements Challenge {
+public class Challenge4 extends FixedAnswerChallenge {
 
   private final String argBasedPassword;
 
@@ -16,12 +15,7 @@ public Challenge4(@Value("${ARG_BASED_PASSWORD}") String argBasedPassword) {
   }
 
   @Override
-  public Spoiler spoiler() {
-    return new Spoiler(argBasedPassword);
-  }
-
-  @Override
-  public boolean answerCorrect(String answer) {
-    return argBasedPassword.equals(answer) || argBasedPassword.equals("'" + answer + "'");
+  public String getAnswer() {
+    return argBasedPassword;
   }
 }

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge50.java

@@ -1,39 +1,20 @@
 package org.owasp.wrongsecrets.challenges.docker;
 
-import com.google.api.client.util.Strings;
 import lombok.extern.slf4j.Slf4j;
-import org.owasp.wrongsecrets.challenges.Challenge;
-import org.owasp.wrongsecrets.challenges.Spoiler;
+import org.owasp.wrongsecrets.challenges.FixedAnswerChallenge;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper;
 import org.owasp.wrongsecrets.challenges.docker.binaryexecution.MuslDetectorImpl;
 import org.springframework.stereotype.Component;
 
 /** challenge about dotnet binaries. Please download them from the wrongsecrets-binaries release. */
 @Slf4j
 @Component
-public class Challenge50 implements Challenge {
-  private final BinaryExecutionHelper binaryExecutionHelper;
-  private String correctAnswer;
+public class Challenge50 extends FixedAnswerChallenge {
 
-  public Challenge50() {
-    this.binaryExecutionHelper = new BinaryExecutionHelper(50, new MuslDetectorImpl());
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public Spoiler spoiler() {
-    if (Strings.isNullOrEmpty(correctAnswer)) {
-      this.correctAnswer = binaryExecutionHelper.executeCommand("", "wrongsecrets-dotnet");
-    }
-    return new Spoiler(correctAnswer);
-  }
-
-  /** {@inheritDoc} */
   @Override
-  public boolean answerCorrect(String answer) {
-    if (Strings.isNullOrEmpty(correctAnswer)) {
-      this.correctAnswer = binaryExecutionHelper.executeCommand("", "wrongsecrets-dotnet");
-    }
-    return correctAnswer.equals(answer);
+  public String getAnswer() {
+    BinaryExecutionHelper binaryExecutionHelper =
+        new BinaryExecutionHelper(50, new MuslDetectorImpl());
+    return binaryExecutionHelper.executeCommand("", "wrongsecrets-dotnet");
   }
 }