Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Native languages round 2: SWift! #615

Open
2 tasks
Tracked by #37
commjoen opened this issue Feb 13, 2023 · 5 comments
Open
2 tasks
Tracked by #37

Native languages round 2: SWift! #615

commjoen opened this issue Feb 13, 2023 · 5 comments
Assignees
@commjoen
Labels
blocked Something cannot be done yet New Challenge Adding a new Challenge

Comments

@commjoen
Copy link
Collaborator

commjoen commented Feb 13, 2023
edited
Loading

This challenge is about finding hardcoded secrets in binaries in Swift! With this we want to explain to our users that no language or binary is safe to just put the secret in offline. For this you need to:

  • Add a swift binary to the wrongsecrets/binaries repowith crosscompiling for the various OSes
  • Add a challenge here that uses the binary (See contributing.md and the code of the other binary challenges).
@commjoen commjoen mentioned this issue Feb 13, 2023
Open
41 tasks
@commjoen commjoen added New Challenge Adding a new Challenge help wanted Extra attention is needed labels Feb 13, 2023
@commjoen
Copy link
Collaborator Author

commjoen commented Feb 23, 2024
edited
Loading

https://github.com/compnerd/gha-setup-swift and https://github.com/marketplace/actions/install-swift-on-linux for github actions to build for linux and windows

@commjoen
Copy link
Collaborator Author

https://www.swift.org/documentation/server/guides/building.html

@commjoen commjoen self-assigned this Feb 23, 2024
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 23, 2024
@commjoen
Initial swift creation for OWASP/wrongsecrets#615
8ba33e8
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 23, 2024
@commjoen
early crosscompiling for OWASP/wrongsecrets#615
1467d3d
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 23, 2024
@commjoen
early crosscompiling for OWASP/wrongsecrets#615 part 2
e41f8bd
@commjoen commjoen changed the title Native languages round 2: SWift! (serverside swift with viper?) Native languages round 2: SWift! Feb 23, 2024
@commjoen commjoen removed the help wanted Extra attention is needed label Feb 23, 2024
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 23, 2024
@commjoen
early crosscompiling for OWASP/wrongsecrets#615 part 3; only windows …
b3c45f7 
…and musl to do
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 24, 2024
@commjoen
github action for mac and linux for OWASP/wrongsecrets#615
8d9b344
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 24, 2024
@commjoen
Specify swift version OWASP/wrongsecrets#615
ce0e790
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 24, 2024
@commjoen
Specify swift version OWASP/wrongsecrets#615
b861088
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 26, 2024
@commjoen
link swift libs to make them run by themselves OWASP/wrongsecrets#615
73d261d
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 26, 2024
@commjoen
fix glibc runners OWASP/wrongsecrets#615
492fb13
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 26, 2024
@commjoen
fix glibc runners OWASP/wrongsecrets#615
08b29ed
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 26, 2024
@commjoen
fix glibc runners OWASP/wrongsecrets#615
a6d40d9
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 26, 2024
@commjoen
fix glibc runners OWASP/wrongsecrets#615
e952c78
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 26, 2024
@commjoen
fix glibc runners OWASP/wrongsecrets#615
da924b0
commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 26, 2024
@commjoen
fix glibc runners OWASP/wrongsecrets#615
dcc8149
@commjoen
Copy link
Collaborator Author

OWASP/wrongsecrets-binaries#50 is almost complete: is just needs alpine support in order to build out the challenge.

@commjoen commjoen added the blocked Something cannot be done yet label Feb 27, 2024
@commjoen
Copy link
Collaborator Author

In order to continue this challenge, we will first have to wait for Alpine support. Let's wait for swiftlang/swift#62245 to be completed. We contacted the developer on whether there is a way to use his work already to compile our OWASP/wrongsecrets-binaries#50 for Alpine.

commjoen added a commit to OWASP/wrongsecrets-binaries that referenced this issue Feb 27, 2024
@commjoen
Windows commet OWASP/wrongsecrets#615
22fb79b
@commjoen
Copy link
Collaborator Author

commjoen commented Feb 28, 2024
edited
Loading

Status update: I did not find any way to use the code on all designated platforms. I could not make run swift on alpine. We tested various glibc methods on musl as well and they don’t work either. Maybe fully static linking could do?

@github-project-automation github-project-automation bot moved this to In progress in Kanban board Aug 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@commjoen commjoen

Labels
blocked Something cannot be done yet New Challenge Adding a new Challenge
Projects
Kanban board
Status: In progress
Milestone
No milestone
Development

No branches or pull requests
1 participant
@commjoen