Add Challenge 62: MCP privilege escalation via Google Service Account on Google Drive #2464

Merged
commjoen merged 11 commits into master from copilot/use-mcp-server-google-service-account
Mar 23, 2026

Conversation

Contributor

Copilot AI commented Mar 22, 2026

Adds a new AI-category challenge demonstrating that an MCP server configured with an overly privileged Google Service Account allows callers to read Google Drive documents they are not directly authorized to access — a real-world privilege escalation pattern seen widely in agent/MCP deployments.

Challenge design

  • MCP endpoint at /mcp62 exposes a single read_google_drive_document tool
  • Tool authenticates to Google Drive using a service account (GOOGLE_SERVICE_ACCOUNT_KEY, base64-encoded JSON key) and returns the document's plain-text content
  • The document content is the secret; answer is validated against WRONGSECRETS_MCP_GOOGLEDRIVE_SECRET
  • Gracefully degrades to a placeholder message when credentials are unconfigured

New env vars (all defaulted in application.properties)

| Variable | Purpose |
| --- | --- |
| GOOGLE_SERVICE_ACCOUNT_KEY | Base64-encoded service account JSON key |
| GOOGLE_DRIVE_DOCUMENT_ID | Document to read (defaults to OWASP doc) |
| WRONGSECRETS_MCP_GOOGLEDRIVE_SECRET | Expected answer stored in the document |

Implementation notes

  • Uses ServiceAccountCredentials from google-auth-library-oauth2-http (already a transitive dep via google-cloud-secretmanager) — no new dependencies added
  • Validates service account JSON structure before use to guard against malformed input
  • @Autowired on the primary constructor disambiguates Spring injection from the package-private test constructor

Operator setup

docs/CHALLENGE62_GOOGLE_DRIVE_SETUP.md covers end-to-end: create GCP project → enable Drive API → create service account → share document → encode key → configure env vars.

Warning: Firewall rules blocked me from connecting to one or more addresses.

I tried to connect to the following addresses, but was blocked by firewall rules:

  • checkstyle.org (dns block)

Original prompt

This section details the original issue you should resolve

<issue_title>Use MCP server Google Service Account, configured as env-var to obtain document secret</issue_title>
<issue_description>### Context

  • What should the challenge scenario be like?
    You want to get access to a secret document in Google Drive that you are not authorized to read (e.g. by default https://docs.google.com/document/d/1vfHmi5lGoHogcjD0wxClZAjDy_qml_i2BtVrjVaklHc/edit?tab=t.0, which is a document in the OWASP Google Drive). But the MCP should use a service account which provides you with a method to obtain the contents of the document.

  • What should the participant learn from completing the challenge?
    That an MCP should not have a more powerful service account than the caller (Agent/user) in order not to allow for escalating privileges.

  • For what category would the challenge be? (e.g. Docker, K8s, binary)
    AI

Did you encounter this in real life? Could you tell us more about the scenario?

All the time: we see many MCPs created by people that allow for escalating privileges

</issue_description>

<agent_instructions>Please note: you have to scaffold the service-account credential access as well, but those will be provisioned separately later as env-vars. You have to update the readme as well and make sure a user can set up his own service account in his own organization, and how the user can then configure wrongsecrets to use that.</agent_instructions>

Comments on the Issue (you are @copilot in this section)
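
The privilege-escalation pattern the challenge teaches, as an added Python example that is not WrongSecrets code (the project itself is Java/Spring): an MCP tool that always acts as a shared service account, beside a hardened variant that only serves documents the caller may itself read. The Drive backend, identities, document ids, contents and key material are constructed stand-ins.

```python
"""Added example (not WrongSecrets code): the Challenge 62 pattern in miniature.

An MCP tool reads a Drive document as a server-side service account. When that
account can read more than the caller, any caller escalates through the tool
(a confused deputy). The hardened variant serves only documents the caller is
itself allowed to read. Drive is an in-memory stub; identities, document ids,
contents and the key material are constructed sample values."""
import base64
import json

# Fields a Google service-account JSON key carries; the PR validates the key structure before use.
REQUIRED_KEY_FIELDS = ("type", "project_id", "private_key", "client_email", "token_uri")
SERVICE_ACCOUNT = "drive-reader@example-project.iam.gserviceaccount.com"  # constructed
PLACEHOLDER = "[Google Drive access not configured]"

# Constructed Drive stand-in: document id -> (content, principals allowed to read).
DRIVE = {
    "doc-restricted": ("board minutes: the secret is in here", {SERVICE_ACCOUNT, "owner@example.org"}),
    "doc-shared": ("team handbook", {"*"}),
}

# Stands in for the real GOOGLE_SERVICE_ACCOUNT_KEY value; the private key is a dummy.
SAMPLE_KEY_ENV = base64.b64encode(json.dumps({
    "type": "service_account", "project_id": "example-project", "client_email": SERVICE_ACCOUNT,
    "private_key": "-----BEGIN PRIVATE KEY-----\nDUMMY\n-----END PRIVATE KEY-----\n",
    "token_uri": "https://oauth2.googleapis.com/token"}).encode()).decode()


def load_service_account_key(env_value):
    """Decode a base64-encoded JSON key; None if unset or malformed, so the tool
    can degrade to a placeholder instead of failing at startup."""
    if not env_value:
        return None
    try:
        key = json.loads(base64.b64decode(env_value, validate=True))
    except ValueError:  # binascii.Error and JSONDecodeError both subclass ValueError
        return None
    if not isinstance(key, dict) or key.get("type") != "service_account":
        return None
    if not all(key.get(field) for field in REQUIRED_KEY_FIELDS):
        return None
    return key


def drive_read(principal, doc_id):
    """Drive-style read that honours the document ACL for the acting principal."""
    content, readers = DRIVE[doc_id]
    if "*" in readers or principal in readers:
        return content
    raise PermissionError(f"{principal} may not read {doc_id}")


def read_google_drive_document_vulnerable(caller, doc_id, sa_key):
    """As in the challenge: the tool always acts as the service account, so the
    caller's own (lack of) Drive access never enters the decision."""
    if sa_key is None:
        return PLACEHOLDER
    return drive_read(sa_key["client_email"], doc_id)


def read_google_drive_document_hardened(caller, doc_id, sa_key):
    """Mitigation: the service account is only a transport; the document is served
    only if the caller is itself on its ACL (here the stub's reader set)."""
    if sa_key is None:
        return PLACEHOLDER
    _, readers = DRIVE[doc_id]
    if "*" not in readers and caller not in readers:
        raise PermissionError(f"caller {caller} is not authorized for {doc_id}")
    return drive_read(sa_key["client_email"], doc_id)
```

A caller with no Drive access to `doc-restricted` gets its content from the vulnerable tool but a `PermissionError` from the hardened one, which is exactly the escalation the challenge demonstrates.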



@commjoen
Collaborator

…rive privilege escalation

Co-authored-by: commjoen <1457214+commjoen@users.noreply.github.com>
Agent-Logs-Url: https://github.com/OWASP/wrongsecrets/sessions/aea8cbf2-d8ec-451d-a4e1-60d1f9d7bd0c
Copilot AI changed the title from "[WIP] Add MCP server configuration for Google Service Account" to "Add Challenge 62: MCP privilege escalation via Google Service Account on Google Drive" Mar 22, 2026
Copilot AI requested a review from commjoen March 22, 2026 06:54
…umQeuZN31LR2BXRgPs

Co-authored-by: commjoen <1457214+commjoen@users.noreply.github.com>
Agent-Logs-Url: https://github.com/OWASP/wrongsecrets/sessions/665c620f-7247-4cc7-abf4-0c43187beabb
Contributor Author

Copilot AI commented Mar 22, 2026

@copilot correction: please use https://docs.google.com/document/d/1PlZkwEd7GouyY4cdOxBuczm6XumQeuZN31LR2BXRgPs/edit?tab=t.0 instead as a default

Updated in commit 2572651 — the default GOOGLE_DRIVE_DOCUMENT_ID is now 1PlZkwEd7GouyY4cdOxBuczm6XumQeuZN31LR2BXRgPs in the controller, application.properties, test, and setup docs.

@github-actions

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2464

📄 What's included:

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.


Static preview with Thymeleaf generation by GitHub Actions

@github-actions

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-c0d2e76

📦 Download & Test Locally:

  1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2464)
  2. Load and run the image:
# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-c0d2e76
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-c0d2e76

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpController.java
- src/main/resources/explanations/challenge62.adoc
- src/main/resources/explanations/challenge62_hint.adoc
- src/main/resources/explanations/challenge62_reason.adoc

Visual diff screenshots will be available shortly...


Preview built by GitHub Actions

@github-actions

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

  • pr-home.png vs main-home.png - Welcome page comparison
  • pr-about.png vs main-about.png - About page comparison
  • pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

  1. Download the artifact zip file
  2. Extract and compare the pr-* and main-* images side by side
  3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.


Visual diff generated by GitHub Actions • PR #2464

@commjoen
Collaborator

@copilot can you fix the failing github actions please?

Contributor Author

Copilot AI commented Mar 22, 2026

@copilot can you fix the failing github actions please?

Fixed in commit 68de73e. There were two issues:

  1. Spotless (Google Java Format) violations in Challenge62McpController.java and Challenge62McpControllerTest.java — ran mvn spotless:apply to auto-fix formatting (constructor call line length, unused imports).
  2. Dead Link Checker failure — the Google Docs URL always returns 401 to automated checkers since it requires authentication. Added https://docs.google.com/document/* to .lycheeignore.

The CODE_OF_CONDUCT.md link failure (contributor-covenant.org/faq) is a pre-existing network error unrelated to this PR.

@commjoen commjoen marked this pull request as ready for review March 22, 2026 08:12
@commjoen commjoen requested a review from bendehaan as a code owner March 22, 2026 08:12
@github-actions

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-1273332

📦 Download & Test Locally:

  1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2464)
  2. Load and run the image:
# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-1273332
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-1273332

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpController.java
- src/main/resources/explanations/challenge62.adoc
- src/main/resources/explanations/challenge62_hint.adoc
- src/main/resources/explanations/challenge62_reason.adoc

Visual diff screenshots will be available shortly...


Preview built by GitHub Actions

@github-actions

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-1746c41

📦 Download & Test Locally:

  1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2464)
  2. Load and run the image:
# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-1746c41
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-1746c41

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpController.java
- src/main/resources/explanations/challenge62.adoc
- src/main/resources/explanations/challenge62_hint.adoc
- src/main/resources/explanations/challenge62_reason.adoc

Visual diff screenshots will be available shortly...


Preview built by GitHub Actions

@github-actions

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-923326e

📦 Download & Test Locally:

  1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2464)
  2. Load and run the image:
# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-923326e
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-923326e

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpController.java
- src/main/resources/explanations/challenge62.adoc
- src/main/resources/explanations/challenge62_hint.adoc
- src/main/resources/explanations/challenge62_reason.adoc

Visual diff screenshots will be available shortly...


Preview built by GitHub Actions

@github-actions

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-cdc66ff

📦 Download & Test Locally:

  1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2464)
  2. Load and run the image:
# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-cdc66ff
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-cdc66ff

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge60McpController.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpController.java
- src/main/resources/explanations/challenge62.adoc
- src/main/resources/explanations/challenge62_hint.adoc
- src/main/resources/explanations/challenge62_reason.adoc

Visual diff screenshots will be available shortly...


Preview built by GitHub Actions

@github-actions

📸 Visual Diff Available!

Screenshots have been generated comparing your changes with the main branch.

Download Visual Diff Artifacts

The artifacts contain:

  • pr-home.png - Your version of the home page
  • main-home.png - Current main branch home page
  • pr-about.png - Your version of the about page
  • main-about.png - Current main branch about page

Compare these images to see the visual impact of your changes!


Visual diff generated by GitHub Actions

@github-actions

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-f357631

📦 Download & Test Locally:

  1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2464)
  2. Load and run the image:
# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-f357631
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2464-f357631

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecurityConfig.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge60McpController.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge62McpController.java
- src/main/resources/explanations/challenge62.adoc
- src/main/resources/explanations/challenge62_hint.adoc
- src/main/resources/explanations/challenge62_reason.adoc
- src/main/resources/templates/about.html

Visual diff screenshots will be available shortly...


Preview built by GitHub Actions

Collaborator

@bendehaan bendehaan left a comment

Awesome, let's go!

@commjoen commjoen merged commit dac9b45 into master Mar 23, 2026
23 checks passed
@commjoen commjoen deleted the copilot/use-mcp-server-google-service-account branch March 23, 2026 14:54
Successfully merging this pull request may close these issues.

New challenge: Use MCP server Google Service Account, configured as env-var to obtain document secret
