beautifying headers

skills · Jan 5, 2024 · f1b0dc5 · f1b0dc5
1 parent b6db4b6
commit f1b0dc5
Show file tree

Hide file tree

Showing 24 changed files with 197 additions and 232 deletions.
diff --git a/Season-1/Level-1/code.py b/Season-1/Level-1/code.py
@@ -1,14 +1,14 @@
 '''
-////////////////////////////////////////////////////////////
-///                                                      ///
-///   0. tests.py is passing but the code is vulnerable  /// 
-///   1. Review the code. Can you spot the bug?          ///
-///   2. Fix the code but ensure that tests.py passes    ///
-///   3. Run hack.py and if passing then CONGRATS!       ///
-///   4. If stuck then read the hint                     ///
-///   5. Compare your solution with solution.py          ///
-///                                                      ///
-////////////////////////////////////////////////////////////
+Welcome to Secure Code Game Season-1/Level-1!
+
+Follow the instructions below to get started:
+
+1. tests.py is passing but code.py is vulnerable
+2. Review the code. Can you spot the bug?
+3. Fix the code but ensure that tests.py passes
+4. Run hack.py and if passing then CONGRATS!
+5. If stuck then read the hint
+6. Compare your solution with solution.py
 '''
 
 from collections import namedtuple

diff --git a/Season-1/Level-2/code.h b/Season-1/Level-2/code.h
@@ -1,11 +1,11 @@
-////////////////////////////////////////////////////////
-///                                                  ///
-///   0. Perform code review. Can you spot the bug?  /// 
-///   1. Run tests.c to test the functionality       ///
-///   2. Run hack.c and if passing then CONGRATS!    ///
-///   3. Compare your solution with solution.c       ///
-///                                                  ///
-////////////////////////////////////////////////////////
+// Welcome to Secure Code Game Season-1/Level-2!
+
+// Follow the instructions below to get started:
+
+// 1. Perform code review. Can you spot the bug? 
+// 2. Run tests.c to test the functionality
+// 3. Run hack.c and if passing then CONGRATS!
+// 4. Compare your solution with solution.c
 
 #include <stdbool.h>
 #include <stddef.h>

diff --git a/Season-1/Level-2/hack.c b/Season-1/Level-2/hack.c
@@ -1,19 +1,12 @@
-///////////////////////////////////////////////////////////////////////////
-///                             RUN HACK                                ///
-/// ___________________________________________________________________ ///
-///                                                                     ///
-///         This file exploits the vulnerabilities in code.h            ///
-///         Running this file will fail initially (it contains			///
-///         failing tests). As all other levels, your goal is			///
-///         to get this file to pass. Run this file using:				///
-///                                                                     ///
-///      Run hack by opening a terminal and running the following:      ///
-///        $ make Season-1/Level-2/hack && ./Season-1/Level-2/hack      ///
-///                                                                     ///
-///		 As a reminder, to pass this level, both this file				///
-///                 alongside tests.c must pass.						///
-///																		///
-///////////////////////////////////////////////////////////////////////////
+// Run hack.c by following the instructions below:
+
+// This file exploits the vulnerabilities in code.h. Running this file will fail initially as it contains failing tests. 
+// As all other levels, your goal is to get this file to pass.
+
+// Run hack by opening a terminal and running the following:
+// $ make Season-1/Level-2/hack && ./Season-1/Level-2/hack
+
+// As a reminder, to pass this level, both this file alongside tests.c must pass.
 
 #include "code.h"
 

diff --git a/Season-1/Level-2/solution.c b/Season-1/Level-2/solution.c
@@ -1,9 +1,5 @@
-///////////////////////////////////////////////////
-///                                             ///
-///   Vulnerability was in line 83 of code.h    ///
-///   Fix can be found in line 82 below         ///
-///                                             ///
-///////////////////////////////////////////////////
+// Vulnerability was in line 83 of code.h
+// Fix can be found in line 77 below
 
 #include <stdbool.h>
 #include <stddef.h>

diff --git a/Season-1/Level-2/tests b/Season-1/Level-2/tests
diff --git a/Season-1/Level-2/tests.c b/Season-1/Level-2/tests.c
@@ -1,13 +1,9 @@
-///////////////////////////////////////////////////////////////////////////
-///                      		RUN TESTS                      			///
-/// ___________________________________________________________________ ///
-///                                                      			    ///
-///               This file contains passing tests.					    ///
-///       															    ///
-///	 	 Run them by opening a terminal and running the following:      ///
-///      $ make Season-1/Level-2/tests && ./Season-1/Level-2/tests      ///
-///									                    				///
-///////////////////////////////////////////////////////////////////////////
+// Run tests.c by following the instructions below:
+
+// This file contains passing tests.
+
+// Run them by opening a terminal and running the following:
+// $ make Season-1/Level-2/tests && ./Season-1/Level-2/tests
 
 #include "code.h"
 

diff --git a/Season-1/Level-3/code.py b/Season-1/Level-3/code.py
@@ -1,3 +1,7 @@
+# Welcome to Secure Code Game Season-1/Level-3!
+
+# You know how to play by now, good luck!
+
 import os
 from flask import Flask, request
 

diff --git a/Season-1/Level-5/code.py b/Season-1/Level-5/code.py
@@ -1,3 +1,7 @@
+# Welcome to Secure Code Game Season-1/Level-5!
+
+# This is the last level of our first season, good luck!
+
 import binascii
 import random
 import secrets

diff --git a/Season-2/Level-1/code.yml b/Season-2/Level-1/code.yml
@@ -1,3 +1,7 @@
+# Welcome to Secure Code Game Season-2/Level-1!
+
+# Follow the instructions below to get started:
+
 # Due to the nature of GitHub Actions, please find this level's vulnerable code inside:
 # .github/workflows/jarvis-code.yml
 

diff --git a/Season-2/Level-2/code.go b/Season-2/Level-2/code.go
@@ -1,13 +1,13 @@
-///////////////////////////////////////////////////////////////////
-///																///
-///	  0. code_test.go is passing but the code is vulnerable		///
-///	  1. Review the code. Can you spot the bugs(s)?				///
-///	  2. Fix the code.go, but ensure that code_test.go passes	///
-///	  3. Run hack_test.go and if passing then CONGRATS!			///
-///	  4. If stuck then read the hint							///
-///	  5. Compare your solution with solution/solution.go		///
-///																///
-///////////////////////////////////////////////////////////////////
+// Welcome to Secure Code Game Season-2/Level-2!
+
+// Follow the instructions below to get started:
+
+// 1. code_test.go is passing but the code is vulnerable
+// 2. Review the code. Can you spot the bugs(s)?
+// 3. Fix the code.go, but ensure that code_test.go passes
+// 4. Run hack_test.go and if passing then CONGRATS!
+// 5. If stuck then read the hint
+// 6. Compare your solution with solution/solution.go
 
 package main
 
@@ -88,4 +88,4 @@ func main() {
 	if err != nil {
 		log.Fatalf("HTTP server ListenAndServe: %q", err)
 	}
-}
+}
diff --git a/Season-2/Level-2/code_test.go b/Season-2/Level-2/code_test.go
@@ -1,16 +1,12 @@
-/////////////////////////////////////////////////////////////////////////////
-///								RUN TESTS								  ///
-/// _____________________________________________________________________ ///
-///																		  ///
-///				This file contains passing tests.						  ///
-///																		  ///
-///		Run them by opening a terminal and running the following:		  ///
-///	 $ go test -v Season-2/Level-2/code.go Season-2/Level-2/code_test.go  ///
-///																		  ///
-///		If 'go' is not found when running the above, install it from:	  ///
-///							https://go.dev/dl/							  ///
-///																		  ///
-/////////////////////////////////////////////////////////////////////////////
+// Run code_test.go by following the instructions below:
+
+// This file contains passing tests.
+
+// Run them by opening a terminal and running the following:
+// $ go test -v Season-2/Level-2/code.go Season-2/Level-2/code_test.go
+
+// If 'go' is not found when running the above, install it from:
+// https://go.dev/dl/
 
 package main
 
@@ -135,4 +131,4 @@ func TestMain(m *testing.M) {
 
 	exitCode := m.Run()
 	os.Exit(exitCode)
-}
+}
diff --git a/Season-2/Level-2/hack_test.go b/Season-2/Level-2/hack_test.go
@@ -1,22 +1,17 @@
-/////////////////////////////////////////////////////////////////////////////
-///                      	RUN HACK                      				  ///
-/// _____________________________________________________________________ ///
-///																		  ///
-/// 	 	This file exploits the vulnerabilities in code. 			  ///
-///		   Running this file will fail initially (it contains			  ///
-///	       failing tests). As all other levels, your goal is			  /// 
-///	       to get this file to pass. Run this file using:				  ///
-///                                                      				  ///
-///	     Run hack by opening a terminal and running the following:  	  ///
-///  $ go test -v Season-2/Level-2/code.go Season-2/Level-2/hack_test.go  ///
-///										            					  ///
-///		 As a reminder, to pass this level, both this file				  ///
-///		 		  alongside code_test.go must pass.						  ///
-///																		  ///
-///	   If 'go' is not found when running the above, install it from:	  ///
-///		 					https://go.dev/dl/							  ///
-///																		  ///
-/////////////////////////////////////////////////////////////////////////////
+// Run hack_test.go by following the instructions below:
+
+// This file exploits the vulnerabilities in code. Running this file will fail initially
+// (it contains failing tests). As all other levels, your goal is to get this file to pass.
+
+// Run this file using:
+
+// Run hack by opening a terminal and running the following:
+// $ go test -v Season-2/Level-2/code.go Season-2/Level-2/hack_test.go
+
+// As a reminder, to pass this level, both this file alongside code_test.go must pass.
+
+// If 'go' is not found when running the above, install it from:
+// https://go.dev/dl/
 
 package main
 
@@ -104,4 +99,4 @@ func TestLoginHandler_SensitiveLog_ValidCredentials_FIXME(t *testing.T) {
 		t.Errorf("Expected body %q, but got %q", expectedRespLog, logOutput)
 		t.Fail()
 	}
-}
+}
diff --git a/Season-2/Level-2/solution/solution.go b/Season-2/Level-2/solution/solution.go
@@ -1,20 +1,18 @@
-////////////////////////////////////////////////////////////////////////////////////////////////////
-///                      			           FIX												 ///
-/// ____________________________________________________________________________________________ ///
-///																								 ///
-///	1) Remove the email being logged here:														 ///
-///		log.Printf("Invalid email format: %q", email)											 ///
-///		log.Printf("Invalid email format")														 ///
-///																								 ///
-///	2) Fix the error message to prevent user enumeration here:									 ///
-///		http.Error(w, "invalid email or password", http.StatusUnauthorized)						 ///
-///		http.Error(w, "Invalid Email or Password", http.StatusUnauthorized)						 ///
-///																								 ///
-///	3) Remove the email and password being logged here:										 	 ///
-///		log.Printf("User %q logged in successfully with a valid password %q", email, password)	 ///
-///		log.Printf("Successful login request")							 						 ///
-///																								 ///
-////////////////////////////////////////////////////////////////////////////////////////////////////
+// Solution explained:
+
+// 1) Remove the email being logged here:
+// 		log.Printf("Invalid email format: %q", email)
+// 		log.Printf("Invalid email format")
+
+// 2) Fix the error message to prevent user enumeration here:
+// 		http.Error(w, "invalid email or password", http.StatusUnauthorized)
+// 		http.Error(w, "Invalid Email or Password", http.StatusUnauthorized)
+
+// 3) Remove the email and password being logged here:
+// 		log.Printf("User %q logged in successfully with a valid password %q", email, password)
+// 		log.Printf("Successful login request")
+
+// Full solution follows:
 
 package main
 
@@ -101,4 +99,4 @@ func main() {
 	if err != nil {
 		log.Fatalf("HTTP server ListenAndServe: %q", err)
 	}
-}
+}
diff --git a/Season-2/Level-2/solution/solution_test.go b/Season-2/Level-2/solution/solution_test.go
@@ -1,17 +1,13 @@
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-///											RUN TESTS												///
-/// _______________________________________________________________________________________________	///
-///																									///
-///					This file is a copy of code_test.go and hack_test.go							///
-///					It tests the solution for failing and passing payloads							///
-///																									///
-///					Run them by opening a terminal and running the following:						///
-///	$ go test -v Season-2/Level-2/solution/solution.go Season-2/Level-2/solution/solution_test.go	///
-///																									///
-///					If 'go' is not found when running the above, install it from:					///
-///										https://go.dev/dl/											///
-///																									///
-///////////////////////////////////////////////////////////////////////////////////////////////////////
+// Run solution_test.go by following the instructions below:
+
+// This file is a copy of code_test.go and hack_test.go
+// It tests the solution for failing and passing payloads
+
+// Run them by opening a terminal and running the following:
+// $ go test -v Season-2/Level-2/solution/solution.go Season-2/Level-2/solution/solution_test.go
+
+// If 'go' is not found when running the above, install it from:
+// https://go.dev/dl/
 
 package main
 
@@ -215,4 +211,4 @@ func TestMain(m *testing.M) {
 }
 
 // Contribute new levels to the game in 3 simple steps!
-// Read our Contribution Guideline at github.com/skills/secure-code-game/blob/main/CONTRIBUTING.md
+// Read our Contribution Guideline at github.com/skills/secure-code-game/blob/main/CONTRIBUTING.md
diff --git a/Season-2/Level-3/code.py b/Season-2/Level-3/code.py
@@ -1,22 +1,19 @@
-# //////////////////////////////////////////////////////////////////////
-# ///                                                                ///
-# ///   0. tests.py file is passing but the code here is vulnerable  ///
-# ///   1. Review the code in this file. Can you spot the bugs(s)?   ///
-# ///   2. Fix the bug(s) in code.py. Ensure that tests.py passes    ///
-# ///   3. Run hack.py and if passing then CONGRATS!                 ///
-# ///   4. If stuck then read the hint                               ///
-# ///   5. Compare your solution with solution.txt                   ///
-# ///                                                                ///
-# //////////////////////////////////////////////////////////////////////
-
-# //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
-# ///                               RUN CODE (RECOMMENDED TO PASS THIS LEVEL)                                            ///
-# /// __________________________________________________________________________________________________________________ ///
-# ///                                                                                                                    ///
-# ///  Run by opening a terminal and running the following:                                                              ///
-# ///  $ export FLASK_APP=Season-2/Level-3/code.py && export FLASK_ENV=development && export FLASK_DEBUG=0 && flask run  ///
-# ///                                                                                                                    ///
-# //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+# Welcome to Secure Code Game Season-2/Level-3!
+
+# Follow the instructions below to get started:
+
+# 1. tests.py file is passing but code.py is vulnerable
+# 2. Review the code in this file. Can you spot the bugs(s)?
+# 3. Fix the bug(s) in code.py. Ensure that tests.py passes
+# 4. Run hack.py and if passing then CONGRATS!
+# 5. If stuck then read the hint
+# 6. Compare your solution with solution.txt
+
+
+# Run code.py (RECOMMENDED for this level) by following the instructions below:
+
+# Run by opening a terminal and running the following:
+# $ export FLASK_APP=Season-2/Level-3/code.py && export FLASK_ENV=development && export FLASK_DEBUG=0 && flask run
 
 import os
 import re

diff --git a/Season-2/Level-3/hack.py b/Season-2/Level-3/hack.py
@@ -1,20 +1,16 @@
-# ///////////////////////////////////////////////////////////////////////
-# ///                          RUN HACK                               ///
-# /// _______________________________________________________________ ///
-# ///																  ///
-# ///   This file exploits the vulnerabilities in code.py 			  ///
-# ///   To run this file, you must be running code.py (flask app)     ///
-# ///   in parallel. To do this, we recommend opening 2 terminals.    ///
-# ///   In the first terminal, run the app following the instructions ///
-# ///   in code.py, and in the second terminal run this file using:   ///
-# ///                                                                 ///
-# ///   $ python3 Season-2/Level-3/hack.py                            ///
-# ///                                                                 ///                
-# ///   Running this file will fail initially (it contains failing    ///
-# ///   tests). As all other levels, your goal is to get this file    ///
-# ///   to pass while ensuring that the tests.py file still passes.   ///
-# ///                                                                 ///         
-# ///////////////////////////////////////////////////////////////////////
+# Run hack.py by following the instructions below:
+
+# This file exploits the vulnerabilities in code.py
+# To run this file, you must be running code.py (flask app)
+# in parallel. To do this, we recommend opening 2 terminals.
+
+# In the first terminal, run the app following the instructions
+# in code.py, and in the second terminal run this file using:
+# $ python3 Season-2/Level-3/hack.py
+
+# Running this file will fail initially (it contains failing
+# tests). As all other levels, your goal is to get this file
+# to pass while ensuring that the tests.py file still passes.
 
 import requests