Small vuln fix and version updates

Author: commjoen

helm/wrongsecrets-ctf-party/templates/wrongsecrets-balancer/deployment.yaml

@@ -59,7 +59,7 @@ spec:
             - name: WRONGSECRETS_TAG
               value: {{ .Values.wrongsecrets.tag}}
             - name: WRONGSECRETS_DESKTOP_TAG
-              value: 1.5.7RC1
+              value: 1.5.7
             - name: REACT_APP_CREATE_TEAM_HMAC_KEY
               value: hardcodedkey
             - name: SECRETS_MANAGER_SECRET_ID_1

helm/wrongsecrets-ctf-party/values.yaml

@@ -96,7 +96,7 @@ wrongsecrets:
   maxInstances: 500
   # -- Juice Shop Image to use
   image: jeroenwillemsens/wrongsecrets
-  tag: 1.5.5-no-vault
+  tag: 1.5.7-no-vault
   # -- Change the key when hosting a CTF event. This key gets used to generate the challenge flags. See: https://github.com/commjoen/wrongsecrets#ctf
   ctfKey: "[email protected]!9uR_K!NfkkTr"
   # -- Specify a custom Juice Shop config.yaml. See the JuiceShop Config Docs for more detail: https://pwning.owasp-juice.shop/part1/customization.html#yaml-configuration-file

wrongsecrets-balancer/src/app.js

@@ -66,7 +66,7 @@ app.get('/balancer/dynamics', (req, res) => {
     heroku_wrongsecret_ctf_url: process.env['REACT_APP_HEROKU_WRONGSECRETS_URL'],
     ctfd_url: process.env['REACT_APP_CTFD_URL'],
     s3_bucket_url: process.env['REACT_APP_S3_BUCKET_URL'],
-    hmac_key: process.env['REACT_APP_CREATE_TEAM_HMAC_KEY'],
+    hmac_key: process.env['REACT_APP_CREATE_TEAM_HMAC_KEY'] || 'hardcodedkey',
     enable_password: usePassword,
   });
 });

wrongsecrets-balancer/src/proxy/proxy.js

@@ -152,6 +152,11 @@ function proxyTrafficToJuiceShop(req, res) {
       //   `we have cookies: ${JSON.stringify(req.cookies)} and  ${JSON.stringify(req.signedCookies)}`
       // );
       const upgradeTeamname = extractTeamName(req);
+      const regex = new RegExp('^[a-z0-9]([-a-z0-9])+[a-z0-9]$', 'i');
+      if (!regex.test(upgradeTeamname)) {
+        logger.info(`Got malformed teamname: ${upgradeTeamname}s`);
+        return res.redirect('/balancer/');
+      }
       logger.info(`proxying upgrade request for: ${req.url} with team ${upgradeTeamname}`);
       proxy.ws(req, socket, head, {
         target: `ws://${upgradeTeamname}-virtualdesktop.${upgradeTeamname}.svc:8080`,