Merge pull request #2464 from OWASP/copilot/use-mcp-server-google-service-account

Add Challenge 62: MCP privilege escalation via Google Service Account on Google Drive

Author: commjoen

.github/scripts/.bash_history

@@ -347,7 +347,7 @@ rm -rf jdk-18_linux-x64_bin.deb
 git rebase -i main
 git rebase -i master
 git stash
-export tempPassword="mO5vAFh3aK4tBr54zX8P9BS8LpT96gJWcKL5r0yZxhE="
+export tempPassword="xlhyzFAFKJnjmzPtnM+q9ezt0xiZO5seUT+f4t/46SY="
 mvn run tempPassword
 k6
 npx k6

.gitignore

@@ -82,6 +82,9 @@ src/main/resources/executables/wrongsecrets-dotnet*
 k8s/challenge53/executables/wrongsecrets-challenge53-c
 k8s/challenge53/executables/wrongsecrets-challenge53-c*
 
+# Challenge 62
+challenge62-key.json
+
 # Node JS
 js/node/
 js/node_modules/

.lycheeignore

@@ -33,3 +33,6 @@ https://github.com/topics/secrets-detection
 
 # Helm docs are flaky in CI (connection resets)
 https://helm.sh/docs/intro/install/
+
+# Google Docs require authentication and always return 401 to link checkers
+https://docs.google.com/document/*

Dockerfile

@@ -1,7 +1,7 @@
 FROM bellsoft/liberica-openjre-debian:25-cds AS builder
 WORKDIR /builder
 
-ARG argBasedVersion="1.13.1"
+ARG argBasedVersion="1.13.2alpha1"
 
 COPY --chown=wrongsecrets target/wrongsecrets-${argBasedVersion}-SNAPSHOT.jar application.jar
 RUN java -Djarmode=tools -jar application.jar extract --layers --destination extracted
@@ -19,6 +19,10 @@ ENV DOCKER_ENV_PASSWORD="This is it"
 ENV AZURE_KEY_VAULT_ENABLED=false
 ENV CHALLENGE59_SLACK_WEBHOOK_URL=$challenge59_webhook_url
 ENV WRONGSECRETS_MCP_SECRET=MCPStolenSecret42!
+ARG GOOGLE_SERVICE_ACCOUNT_KEY="if_you_see_this_configure_the_google_service_account_properly"
+ARG GOOGLE_DRIVE_DOCUMENT_ID="1PlZkwEd7GouyY4cdOxBuczm6XumQeuZN31LR2BXRgPs"
+ENV GOOGLE_SERVICE_ACCOUNT_KEY=$GOOGLE_SERVICE_ACCOUNT_KEY
+ENV GOOGLE_DRIVE_DOCUMENT_ID=$GOOGLE_DRIVE_DOCUMENT_ID
 ENV SPRINGDOC_UI=false
 ENV SPRINGDOC_DOC=false
 ENV BASTIONHOSTPATH="/home/wrongsecrets/.ssh"

Dockerfile.web

@@ -1,5 +1,5 @@
-FROM jeroenwillemsen/wrongsecrets:1.13.1-no-vault
-ARG argBasedVersion="1.13.1-no-vault"
+FROM jeroenwillemsen/wrongsecrets:1.13.2alpha1-no-vault
+ARG argBasedVersion="1.13.2alpha1-no-vault"
 ARG spring_profile="without-vault"
 ARG CANARY_URLS="http://canarytokens.com/terms/about/s7cfbdakys13246ewd8ivuvku/post.jsp,http://canarytokens.com/terms/about/y0all60b627gzp19ahqh7rl6j/post.jsp"
 ARG CTF_ENABLED=false
@@ -39,6 +39,10 @@ ENV default_aws_value_challenge_11=$CHALLENGE_11_VALUE
 ENV BASTIONHOSTPATH="/home/wrongsecrets/.ssh"
 ENV PROJECTSPECPATH="/var/helpers/project-specification.mdc"
 ENV funnybunny="This is a funny bunny"
+ARG GOOGLE_SERVICE_ACCOUNT_KEY="if_you_see_this_configure_the_google_service_account_properly"
+ARG GOOGLE_DRIVE_DOCUMENT_ID="1PlZkwEd7GouyY4cdOxBuczm6XumQeuZN31LR2BXRgPs"
+ENV GOOGLE_SERVICE_ACCOUNT_KEY=$GOOGLE_SERVICE_ACCOUNT_KEY
+ENV GOOGLE_DRIVE_DOCUMENT_ID=$GOOGLE_DRIVE_DOCUMENT_ID
 # Keep memory usage within Heroku dyno limits (512MB dyno).
 # Hard cap heap to 250M, metaspace to 60M, disable expensive GC, exit on OOM immediately.
 ENV JAVA_TOOL_OPTIONS="-Xmx250M -Xms128M -XX:MetaspaceSize=40M -XX:MaxMetaspaceSize=60M -XX:CompressedClassSpaceSize=32M -XX:+UseG1GC -XX:MaxGCPauseMillis=50 -XX:+ExitOnOutOfMemoryError -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp/heapdump.hprof"

README.md

@@ -161,9 +161,12 @@ docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-mas
 ⚠️ **Warning**: This is a development version built from the latest master branch and may contain experimental features or instabilities.
 
 **📝 Note on Ports:**
-- Port **8080**: Main application (challenges 0-61)
+- Port **8080**: Main application (challenges 0-62)
 - Port **8090**: MCP server (required for Challenge 60)
 
+**📝 Note on Challenge 62 (Google Drive MCP):**
+Challenge 62 requires a Google Service Account to be configured for full functionality. See [docs/CHALLENGE62_GOOGLE_DRIVE_SETUP.md](docs/CHALLENGE62_GOOGLE_DRIVE_SETUP.md) for setup instructions. Without configuration, the challenge will show a placeholder message.
+
 Now you can try to find the secrets by means of solving the challenge offered at the links below
 <details>
     <summary>all the links for docker challenges (click triangle to open the block).
@@ -218,6 +221,7 @@ Now you can try to find the secrets by means of solving the challenge offered at
 -   [localhost:8080/challenge/challenge-59](http://localhost:8080/challenge/challenge-59)
 -   [localhost:8080/challenge/challenge-60](http://localhost:8080/challenge/challenge-60)
 -   [localhost:8080/challenge/challenge-61](http://localhost:8080/challenge/challenge-61)
+-   [localhost:8080/challenge/challenge-62](http://localhost:8080/challenge/challenge-62)
 </details>
 
 Note that these challenges are still very basic, and so are their explanations. Feel free to file a PR to make them look
@@ -246,7 +250,7 @@ If you want to host WrongSecrets on Railway, you can do so by deploying [this on
 
 ## Basic K8s exercise
 
-_Can be used for challenges 0-6, 8, 12-43, 48-61_
+_Can be used for challenges 0-6, 8, 12-43, 48-62_
 
 ### Minikube based
 
@@ -341,7 +345,7 @@ This is because if you run the start script again it will replace the secret in
 
 ## Cloud Challenges
 
-_Can be used for challenges 0-61_
+_Can be used for challenges 0-62_
 
 **READ THIS**: Given that the exercises below contain IAM privilege escalation exercises,
 never run this on an account which is related to your production environment or can influence your account-over-arching

aws/k8s/secret-challenge-vault-deployment.yml

@@ -58,7 +58,7 @@ spec:
             volumeAttributes:
               secretProviderClass: "wrongsecrets-aws-secretsmanager"
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.13.1-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.13.2alpha1-k8s-vault
           imagePullPolicy: IfNotPresent
           name: secret-challenge
           command: ["/bin/sh"]

azure/k8s/secret-challenge-vault-deployment.yml.tpl

@@ -61,7 +61,7 @@ spec:
             volumeAttributes:
               secretProviderClass: "azure-wrongsecrets-vault"
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.13.1-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.13.2alpha1-k8s-vault
           imagePullPolicy: IfNotPresent
           name: secret-challenge
           command: ["/bin/sh"]

docs/CHALLENGE62_GOOGLE_DRIVE_SETUP.md

@@ -0,0 +1,220 @@
+# Challenge 62: Google Service Account Setup Guide
+
+This guide explains how to configure Challenge 62, which demonstrates privilege escalation via an MCP (Model Context Protocol) server using a Google Service Account to access restricted Google Drive documents.
+
+## Overview
+
+Challenge 62 shows how an MCP server configured with an overly-privileged Google Service Account allows callers to read Google Drive documents they are not directly authorized to access. The service account acts as a privilege escalation proxy.
+
+## Runtime Behavior Notes
+
+- The challenge answer is parsed from document content between `<secret>` and `</secret>`.
+- The parsed answer is cached once in `Challenge62` and reused for answer validation.
+- `Challenge62McpController` caches Drive documents to reduce repeated API calls.
+- Cache policy: always retain the configured default document (`GOOGLE_DRIVE_DOCUMENT_ID`) plus up to 20 additional document ids.
+
+## Prerequisites
+
+- A Google Cloud project
+- Owner or Editor role on the Google Cloud project (to create service accounts)
+- A Google Drive document containing a secret
+
+## Step 1: Create a Google Cloud Project (if needed)
+
+If you don't have a Google Cloud project:
+
+```bash
+gcloud projects create YOUR_PROJECT_ID --name="WrongSecrets Challenge 62"
+gcloud config set project YOUR_PROJECT_ID
+```
+
+## Step 2: Enable the Google Drive API
+
+```bash
+gcloud services enable drive.googleapis.com
+```
+
+## Step 3: Create a Service Account
+
+```bash
+gcloud iam service-accounts create wrongsecrets-challenge62 \
+    --display-name="WrongSecrets Challenge 62 Drive Reader" \
+    --description="Service account for WrongSecrets Challenge 62 - demonstrates MCP privilege escalation"
+```
+
+## Step 4: Create and Download a Service Account Key
+
+```bash
+gcloud iam service-accounts keys create challenge62-key.json \
+    --iam-account=wrongsecrets-challenge62@YOUR_PROJECT_ID.iam.gserviceaccount.com
+```
+
+**⚠️ Security Warning**: Service account key files are sensitive credentials. Handle them carefully:
+- Do not commit key files to version control
+- Delete the key file after encoding it
+- Rotate keys regularly
+
+## Step 5: Create a Google Drive Document with the Secret
+
+1. Go to [Google Drive](https://drive.google.com) and create a new Google Doc
+2. Add your challenge secret as the document content (e.g., `my_wrongsecrets_challenge62_answer`)
+  - Recommended format: `<secret>my_wrongsecrets_challenge62_answer</secret>`
+3. Note the document ID from the URL:
+   - URL format: `https://docs.google.com/document/d/DOCUMENT_ID/edit`
+   - Copy the `DOCUMENT_ID` part
+
+## Step 6: Share the Document with the Service Account
+
+Share the Google Drive document with the service account's email address:
+
+1. Open the document in Google Drive
+2. Click **Share**
+3. Add the service account email: `wrongsecrets-challenge62@YOUR_PROJECT_ID.iam.gserviceaccount.com`
+4. Set the permission to **Viewer**
+5. Click **Send**
+
+Alternatively, use the Drive API via the CLI:
+```bash
+# Get the document ID from the URL
+DOCUMENT_ID="your_document_id_here"
+SA_EMAIL="wrongsecrets-challenge62@YOUR_PROJECT_ID.iam.gserviceaccount.com"
+
+# Share using the Drive API (requires OAuth2 token)
+curl -X POST "https://www.googleapis.com/drive/v3/files/${DOCUMENT_ID}/permissions" \
+  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
+  -H "Content-Type: application/json" \
+  -d "{\"role\": \"reader\", \"type\": \"user\", \"emailAddress\": \"${SA_EMAIL}\"}"
+```
+
+## Step 7: Encode the Service Account Key
+
+Base64-encode the service account key file:
+
+```bash
+# On Linux/macOS:
+SERVICE_ACCOUNT_KEY_B64=$(base64 -w 0 challenge62-key.json)
+
+# On macOS (if the above doesn't work):
+SERVICE_ACCOUNT_KEY_B64=$(base64 -i challenge62-key.json | tr -d '\n')
+
+echo "Your base64-encoded key (use this as GOOGLE_SERVICE_ACCOUNT_KEY):"
+echo "${SERVICE_ACCOUNT_KEY_B64}"
+```
+
+## Step 8: Configure WrongSecrets
+
+Set the following environment variables when **running** WrongSecrets. These must be provided at container start time — do **not** bake real credentials into the image via `--build-arg`, as that embeds them in the image layer history.
+
+| Variable | Description | Default (placeholder) | Example override |
+|----------|-------------|----------------------|-----------------|
+| `GOOGLE_SERVICE_ACCOUNT_KEY` | Base64-encoded service account JSON key | `if_you_see_this_configure_the_google_service_account_properly` | `eyJ0eXBlIjoic2VydmljZV9hY2...` |
+| `GOOGLE_DRIVE_DOCUMENT_ID` | Google Drive document ID | `1PlZkwEd7GouyY4cdOxBuczm6XumQeuZN31LR2BXRgPs` | your document id |
+| `WRONGSECRETS_MCP_GOOGLEDRIVE_SECRET` | *(optional)* Static override — skips live Drive fetch | *(none — live fetch used)* | `my_wrongsecrets_challenge62_answer` |
+
+> **Why runtime-only?**
+> The `Dockerfile` and `Dockerfile.web` ship harmless placeholder defaults via `ENV`. Real credentials should only be injected at `docker run` time so they never appear in image layers or build logs.
+
+### Running with Docker (explicit values)
+
+```bash
+export SERVICE_ACCOUNT_KEY_B64=$(base64 -i challenge62-key.json | tr -d '\n')
+export DOCUMENT_ID="your_document_id_here"
+
+docker run -p 8080:8080 -p 8090:8090 \
+  -e GOOGLE_SERVICE_ACCOUNT_KEY="${SERVICE_ACCOUNT_KEY_B64}" \
+  -e GOOGLE_DRIVE_DOCUMENT_ID="${DOCUMENT_ID}" \
+  ghcr.io/owasp/wrongsecrets/wrongsecrets:latest-no-vault
+```
+
+### Running with Docker (inherit from host shell)
+
+If the variables are already exported in your shell, pass them through without a value — Docker inherits from the host:
+
+```bash
+export GOOGLE_SERVICE_ACCOUNT_KEY="${SERVICE_ACCOUNT_KEY_B64}"
+export GOOGLE_DRIVE_DOCUMENT_ID="your_document_id_here"
+
+docker run -p 8080:8080 -p 8090:8090 \
+  -e GOOGLE_SERVICE_ACCOUNT_KEY \
+  -e GOOGLE_DRIVE_DOCUMENT_ID \
+  ghcr.io/owasp/wrongsecrets/wrongsecrets:latest-no-vault
+```
+
+### Running with Docker using an env file
+
+Create a `.env` file (add it to `.gitignore`):
+
+```bash
+GOOGLE_SERVICE_ACCOUNT_KEY=<base64_encoded_key>
+GOOGLE_DRIVE_DOCUMENT_ID=<document_id>
+```
+
+Then run:
+
+```bash
+docker run -p 8080:8080 -p 8090:8090 \
+  --env-file .env \
+  ghcr.io/owasp/wrongsecrets/wrongsecrets:latest-no-vault
+```
+
+### Running with Spring Boot (local development)
+
+Set environment variables in your shell before running:
+
+```bash
+export GOOGLE_SERVICE_ACCOUNT_KEY="${SERVICE_ACCOUNT_KEY_B64}"
+export GOOGLE_DRIVE_DOCUMENT_ID="your_document_id"
+./mvnw spring-boot:run
+```
+
+Or add them to a **local-only** properties file that is not committed to version control:
+
+```properties
+# application-local.properties  (keep out of git)
+GOOGLE_SERVICE_ACCOUNT_KEY=<base64_encoded_key>
+GOOGLE_DRIVE_DOCUMENT_ID=<document_id>
+```
+
+## Step 9: Clean Up the Key File
+
+After encoding the key, delete the local key file:
+
+```bash
+rm challenge62-key.json
+```
+
+## Using the Default OWASP Document (for testing)
+
+The default document ID configured in the application is the OWASP WrongSecrets Google Drive document:
+- Document: https://docs.google.com/document/d/1PlZkwEd7GouyY4cdOxBuczm6XumQeuZN31LR2BXRgPs/edit
+
+To use this document, your service account must have been granted read access to it by the OWASP WrongSecrets maintainers. For your own deployment, we recommend creating your own document as described above.
+
+## Security Notes
+
+1. **This is intentionally insecure for educational purposes**: In a real system, you should always authenticate and authorize MCP callers before granting access to external resources.
+
+2. **Least Privilege**: The service account used in this challenge demonstrates what happens when you violate least privilege. In production, ensure service accounts only have the minimum permissions necessary.
+
+3. **Never use production credentials**: Do not use service accounts that have access to production data for this challenge.
+
+4. **Key rotation**: Regularly rotate service account keys to limit the window of exposure if a key is compromised.
+
+## Verification
+
+After configuration, verify the challenge works by calling the MCP endpoint:
+
+```bash
+curl -s -X POST http://localhost:8080/mcp62 \
+  -H 'Content-Type: application/json' \
+  -d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"read_google_drive_document","arguments":{}}}'
+```
+
+The response should contain the document content with your secret.
+
+## Tests and Code References
+
+- Main challenge logic: `src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62.java`
+- MCP controller and cache logic: `src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpController.java`
+- Challenge tests: `src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge62Test.java`
+- MCP controller tests: `src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpControllerTest.java`

docs/VERSION_MANAGEMENT.md

@@ -12,9 +12,9 @@ The project maintains version consistency between:
 ## Version Schema
 
 ```
-pom.xml version:        1.13.1-SNAPSHOT
-Dockerfile version:     1.13.1
-Dockerfile.web version: 1.13.1-no-vault
+pom.xml version:        1.13.2alpha1-SNAPSHOT
+Dockerfile version:     1.13.2alpha1
+Dockerfile.web version: 1.13.2alpha1-no-vault
 ```
 
 ## Automated Solutions