Github action (Forkable)

- [ ] create Base64 encoded ciphertext and embed as content in application.properties
- [ ] Embed plaintext in java file hardcoded
- [ ] put key as github action secret which can be retrieved through forking and exfiltrated with double base64 encoding
- [ ] make sure there are 2 secrets to be leaked: a fake build-secret and the decryption/encryption key and ensure that the expalantion shows why it is important to safeguard build secrets.
- [ ] refer to https://github.com/SpiderLabs/CryptOMG for more crypto in the comments ;-)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Github action (Forkable) #144

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Github action (Forkable) #144

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions