Challenge 0

Welcome to challenge 0. You need to guess the secret that is hidden in Java, Docker, Kubernetes, Vault, AWS or GCP.

Opening Challenge

Welcome to OWASP WrongSecrets its opening challenge!

In this challenge, we explain you everything you need to know to play OWASP WrongSecrets.

Every challenge is about finding a secret that has not been well hidden and/or configured inside our application code, Docker container, or in one of the related parts of the system.

Once you found the secret, you can put it in the box below and press "Submit". The "Clear" button will clean the input box. Want to play the challenge again? Press the "Reset button".

The correct answer below is The first answer . Copy it in the box and press "Submit".

Have a lot of fun with the more difficult challenges ;-).

Answer to solution :

When you press the "Show hints" button, we will give you hints on how to solve that specific challenge.

Why are we doing this?

With this project, we hope that you will have some fun hunting for secrets. At the same time, we hope that you will learn about other peoples mistakes when it comes to secrets management, so that you will not make the same mistakes.

Did you know that we spotted all of these challenges in the wild? They can therefore be a great help if you want to do more bounty hunting.

Previous
Go the main page
Next
0