commjoen
commented
6 months ago https://github.com/compnerd/gha-setup-swift and https://github.com/marketplace/actions/install-swift-on-linux for github actions to build for linux and windows
Open commjoen opened 1 year ago
commjoen
commented
6 months ago https://github.com/compnerd/gha-setup-swift and https://github.com/marketplace/actions/install-swift-on-linux for github actions to build for linux and windows
commjoen
commented
6 months ago commjoen
commented
6 months ago https://github.com/OWASP/wrongsecrets-binaries/pull/50 is almost complete: is just needs alpine support in order to build out the challenge.
commjoen
commented
6 months ago In order to continue this challenge, we will first have to wait for Alpine support. Let's wait for https://github.com/apple/swift/pull/62245 to be completed. We contacted the developer on whether there is a way to use his work already to compile our https://github.com/OWASP/wrongsecrets-binaries/pull/50 for Alpine.
commjoen
commented
6 months ago Status update: I did not find any way to use the code on all designated platforms. I could not make run swift on alpine. We tested various glibc methods on musl as well and they don’t work either. Maybe fully static linking could do?
This challenge is about finding hardcoded secrets in binaries in Swift! With this we want to explain to our users that no language or binary is safe to just put the secret in offline. For this you need to: