Add Swift binary challenge (Challenge 64)

[Copilot]

Implements the Swift binary reverse engineering challenge, teaching users that hardcoded secrets in Swift binaries are recoverable via tools like Ghidra or radare2.

Changes

New challenge

• Challenge63.java — runs wrongsecrets-swift binary to retrieve the answer; follows the same FixedAnswerChallenge + BinaryExecutionHelper pattern as C/C++/Rust/Go challenges
• Challenge63Test.java — tests correct spoiler output and incorrect answer rejection
• wrong-secrets-configuration.yaml — registers Challenge 63 (category: bin, difficulty: master, CTF-enabled)

Swift binaries

Downloaded from wrongsecrets-binaries into src/main/resources/executables/:

• wrongsecrets-swift / -arm (macOS)
• wrongsecrets-swift-linux / -linux-arm / -linux-musl / -linux-musl-arm

The linux-musl variants are fully statically linked (~42 MB each), embedding the entire Swift runtime. This makes them self-contained on any musl-based system (e.g. Alpine) without requiring external shared libraries.

Swift runtime library support

The non-musl Linux Swift binary dynamically links libswiftCore.so, which isn't in the default ld search path in all environments. BinaryExecutionHelper now auto-detects installed Swift runtime paths and injects LD_LIBRARY_PATH before executing any swift-named binary:

private static final String[] SWIFT_LIB_PATHS = {
  "/usr/share/swift/usr/lib/swift/linux", "/usr/lib/swift/linux", "/usr/local/lib/swift/linux"
};

private void configureSwiftLibraryPath(ProcessBuilder ps) { ... }

Docker container support

The wrongsecrets Docker container uses Alpine Linux (musl libc). On Alpine, BinaryExecutionHelper automatically selects the wrongsecrets-swift-linux-musl variant. Because those binaries are fully statically linked, no extra shared libraries or compatibility shims are needed — the Dockerfile remains unchanged from the original Alpine-based setup (eclipse-temurin:25.0.2_10-jre-alpine, apk add --no-cache libstdc++ icu-libs).

Challenge 63 container test

• src/main/resources/challenges/challenge-63/Dockerfile_challenge63 — a minimal alpine:3.21 container that copies wrongsecrets-swift-linux-musl and verifies it produces non-empty output (the hardcoded secret)
• container_test.yml — new CI job Challenge 63 Swift binary test that builds this image from the repo root and runs it, failing if the binary produces no output

Docker container JAR size reduction

.github/scripts/docker-create.sh — Extended the binary removal list from 7 entries to 41 entries to reduce the JAR size in the Docker image. All non-musl, non-Windows binaries that are never used on Alpine are now stripped from the JAR at build time, organized into three groups:

• macOS / non-Linux binaries: c, advanced-c (including stripped variants), cplus, challenge52-c, challenge53-c, rust, swift (including CTF variants), golang, dotnet
• Linux glibc (non-musl) binaries: same set — c, advanced-c, cplus, challenge52-c, challenge53-c, rust, swift (including CTF variants), dotnet
• Windows .exe files (unchanged wildcard removal)

wrongsecrets-golang-linux and wrongsecrets-golang-linux-arm are intentionally kept: BinaryExecutionHelper skips the -musl suffix for golang, so these glibc-linked binaries are used even on Alpine (amd64 and arm64 respectively).

Explanation content

• challenge63.adoc — problem statement (part 5 of the binary series)
• challenge63_hint.adoc — solve paths via Ghidra, radare2, and nm + swift-demangle
• challenge63_reason.adoc — security lesson on Swift binary reverse engineering

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Native languages round 2: SWift! </issue_title>
<issue_description>This challenge is about finding hardcoded secrets in binaries in Swift! With this we want to explain to our users that no language or binary is safe to just put the secret in offline. For this you need to:

• Add a swift binary to the wrongsecrets/binaries repowith crosscompiling for the various OSes
• copy binaries into our resources folder for swift
• Add a challenge here that uses the binary (See contributing.md and the code of the other binary challenges).
• make sure the binary works on the desktop container and in the wrongsecrets container</issue_description>

Comments on the Issue (you are @copilot in this section)

@commjoen https://github.com/compnerd/gha-setup-swift and https://github.com/marketplace/actions/install-swift-on-linux for github actions to build for linux and windows @commjoen https://www.swift.org/documentation/server/guides/building.html @commjoen https://github.com/OWASP/wrongsecrets-binaries/pull/50 is almost complete: is just needs alpine support in order to build out the challenge. @commjoen In order to continue this challenge, we will first have to wait for Alpine support. Let's wait for https://github.com/swiftlang/swift/pull/62245 to be completed. We contacted the developer on whether there is a way to use his work already to compile our https://github.com/OWASP/wrongsecrets-binaries/pull/50 for Alpine. @commjoen Status update: I did not find any way to use the code on all designated platforms. I could not make run swift on alpine. We tested various glibc methods on musl as well and they don’t work either. Maybe fully static linking could do? @commjoen We have swift binaries \o/ now all that is left is reverse engineering them and write up a challenge here @commjoen on macos; ```bash nm -gUj wrongsecrets-swift | grep getSecret swift-demangle --expand "s5swift9getSecretSSyF" ``` find the function in ghidra, click it and read the value from the array :D

• Fixes Native languages round 2: SWift!  #615

---

💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2470

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-d3aefaf

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2470)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-d3aefaf
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-d3aefaf

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge63.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/binaryexecution/BinaryExecutionHelper.java
- src/main/resources/explanations/challenge63.adoc
- src/main/resources/explanations/challenge63_hint.adoc
- src/main/resources/explanations/challenge63_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[commjoen]

@copilot can you fix the failing github actions please?

[Copilot]

@copilot can you fix the failing github actions please?

Fixed in 84549ff. The Javadoc/Swagger generator and pre-commit checks were both failing due to a Spotless formatting violation — the SWIFT_LIB_PATHS array elements needed to be on a single line. Ran mvn spotless:apply to auto-fix it.

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2470}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2470

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-f8d3491

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2470)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-f8d3491
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-f8d3491

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge63.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/binaryexecution/BinaryExecutionHelper.java
- src/main/resources/explanations/challenge63.adoc
- src/main/resources/explanations/challenge63_hint.adoc
- src/main/resources/explanations/challenge63_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2470}

[commjoen]

java.io.IOException: Cannot run program "/tmp/c-exec-wrongsecrets-swift-linux-musl-arm7674393112878681325sh": Exec failed, error: 2 (No such file or directory)
at java.base/java.lang.ProcessBuilder.start(Unknown Source) ~[na:na]
at java.base/java.lang.ProcessBuilder.start(Unknown Source) ~[na:na]
at org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper.executeCommand(BinaryExecutionHelper.java:140) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper.executeCommand(BinaryExecutionHelper.java:91) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.docker.Challenge63.getAnswer(Challenge63.java:18) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.FixedAnswerChallenge.lambda$new$0(FixedAnswerChallenge.java:19) ~[application.jar:1.13.2-SNAPSHOT]
at com.google.common.base.Suppliers$NonSerializableMemoizingSupplier.get(Suppliers.java:201) ~[guava-33.5.0-jre.jar:na]
at org.owasp.wrongsecrets.challenges.FixedAnswerChallenge.answerCorrect(FixedAnswerChallenge.java:28) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.ChallengesController.postController(ChallengesController.java:226) ~[application.jar:1.13.2-SNAPSHOT]
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(Unknown Source) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Unknown Source) ~[na:na]
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:252) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:184) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:934) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:853) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:86) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:866) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1000) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:903) ~[spring-webmvc-7.0.5.jar:7.0.5]
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:649) ~[tomcat-embed-core-11.0.18.jar:6.1]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:874) ~[spring-webmvc-7.0.5.jar:7.0.5]
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:710) ~[tomcat-embed-core-11.0.18.jar:6.1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:128) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-11.0.18.jar:11.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:108) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.FilterChainProxy.lambda$doFilterInternal$3(FilterChainProxy.java:235) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$FilterObservation$SimpleFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:493) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:354) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator.lambda$wrapSecured$0(ObservationFilterChainDecorator.java:86) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:132) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.access.intercept.AuthorizationFilter.doFilter(AuthorizationFilter.java:101) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:181) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:198) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:96) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:135) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.transport.HttpsRedirectFilter.doFilterInternal(HttpsRedirectFilter.java:67) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:337) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:228) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:237) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:195) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.ServletRequestPathFilter.doFilter(ServletRequestPathFilter.java:52) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebSecurityConfiguration.java:317) ~[spring-security-config-7.0.4.jar:7.0.4]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.owasp.wrongsecrets.SecurityHeaderAddingFilter.doFilter(SecurityHeaderAddingFilter.java:23) ~[application.jar:1.13.2-SNAPSHOT]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.servlet.resource.ResourceUrlEncodingFilter.doFilter(ResourceUrlEncodingFilter.java:66) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:110) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:199) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:165) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:77) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:492) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:113) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:83) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:72) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:903) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1779) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:946) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:480) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:57) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at java.base/java.lang.Thread.run(Unknown Source) ~[na:na]
Caused by: java.io.IOException: Exec failed, error: 2 (No such file or directory)
at java.base/java.lang.ProcessImpl.forkAndExec(Native Method) ~[na:na]
at java.base/java.lang.ProcessImpl.(Unknown Source) ~[na:na]
at java.base/java.lang.ProcessImpl.start(Unknown Source) ~[na:na]
... 136 common frames omitted

[commjoen]

@copilot i see the following error when running the container locally:
2026-03-25T08:58:31.733Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : System arch detected: linux
2026-03-25T08:58:31.743Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : System arch detected: aarch64
2026-03-25T08:58:31.744Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : System arch detected: aarch64
2026-03-25T08:58:31.744Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : First looking at location:'classpath:executables/wrongsecrets-swift-linux-musl-arm'
2026-03-25T08:58:31.744Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : You might be running this in a docker container, trying alternative path: '/home/wrongsecrets/wrongsecrets-swift-linux-musl-arm'
2026-03-25T08:58:31.749Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : System arch detected: aarch64
2026-03-25T08:58:31.750Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : System arch detected: linux
2026-03-25T08:58:31.750Z INFO 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : Setting LD_LIBRARY_PATH for Swift binary: /opt/java/openjdk/lib/server:/opt/java/openjdk/lib
2026-03-25T08:58:31.753Z WARN 1 --- [nio-8080-exec-6] o.o.w.c.d.b.BinaryExecutionHelper : Error executing:

java.io.IOException: Cannot run program "/tmp/c-exec-wrongsecrets-swift-linux-musl-arm7674393112878681325sh": Exec failed, error: 2 (No such file or directory)
at java.base/java.lang.ProcessBuilder.start(Unknown Source) ~[na:na]
at java.base/java.lang.ProcessBuilder.start(Unknown Source) ~[na:na]
at org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper.executeCommand(BinaryExecutionHelper.java:140) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper.executeCommand(BinaryExecutionHelper.java:91) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.docker.Challenge63.getAnswer(Challenge63.java:18) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.FixedAnswerChallenge.lambda$new$0(FixedAnswerChallenge.java:19) ~[application.jar:1.13.2-SNAPSHOT]
at com.google.common.base.Suppliers$NonSerializableMemoizingSupplier.get(Suppliers.java:201) ~[guava-33.5.0-jre.jar:na]
at org.owasp.wrongsecrets.challenges.FixedAnswerChallenge.answerCorrect(FixedAnswerChallenge.java:28) ~[application.jar:1.13.2-SNAPSHOT]
at org.owasp.wrongsecrets.challenges.ChallengesController.postController(ChallengesController.java:226) ~[application.jar:1.13.2-SNAPSHOT]
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(Unknown Source) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Unknown Source) ~[na:na]
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:252) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:184) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:934) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:853) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:86) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:866) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1000) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:903) ~[spring-webmvc-7.0.5.jar:7.0.5]
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:649) ~[tomcat-embed-core-11.0.18.jar:6.1]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:874) ~[spring-webmvc-7.0.5.jar:7.0.5]
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:710) ~[tomcat-embed-core-11.0.18.jar:6.1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:128) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-11.0.18.jar:11.0.18]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:108) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.FilterChainProxy.lambda$doFilterInternal$3(FilterChainProxy.java:235) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$FilterObservation$SimpleFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:493) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:354) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator.lambda$wrapSecured$0(ObservationFilterChainDecorator.java:86) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:132) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.access.intercept.AuthorizationFilter.doFilter(AuthorizationFilter.java:101) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:181) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:198) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:96) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:135) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.transport.HttpsRedirectFilter.doFilterInternal(HttpsRedirectFilter.java:67) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:337) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:228) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:237) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:195) ~[spring-security-web-7.0.4.jar:7.0.4]
at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.ServletRequestPathFilter.doFilter(ServletRequestPathFilter.java:52) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebSecurityConfiguration.java:317) ~[spring-security-config-7.0.4.jar:7.0.4]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.owasp.wrongsecrets.SecurityHeaderAddingFilter.doFilter(SecurityHeaderAddingFilter.java:23) ~[application.jar:1.13.2-SNAPSHOT]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.servlet.resource.ResourceUrlEncodingFilter.doFilter(ResourceUrlEncodingFilter.java:66) ~[spring-webmvc-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:110) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:199) ~[spring-web-7.0.5.jar:7.0.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:165) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:77) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:492) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:113) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:83) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:72) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:903) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1779) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:946) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:480) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:57) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
at java.base/java.lang.Thread.run(Unknown Source) ~[na:na]
Caused by: java.io.IOException: Exec failed, error: 2 (No such file or directory)
at java.base/java.lang.ProcessImpl.forkAndExec(Native Method) ~[na:na]
at java.base/java.lang.ProcessImpl.(Unknown Source) ~[na:na]
at java.base/java.lang.ProcessImpl.start(Unknown Source) ~[na:na]
... 136 common frames omitted

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2470

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-1abe86e

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2470)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-1abe86e
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-1abe86e

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge63.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/binaryexecution/BinaryExecutionHelper.java
- src/main/resources/explanations/challenge63.adoc
- src/main/resources/explanations/challenge63_hint.adoc
- src/main/resources/explanations/challenge63_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2470}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2470

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-569a3f3

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2470)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-569a3f3
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-569a3f3

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge63.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/binaryexecution/BinaryExecutionHelper.java
- src/main/resources/explanations/challenge63.adoc
- src/main/resources/explanations/challenge63_hint.adoc
- src/main/resources/explanations/challenge63_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2470}

[commjoen]

@copilot I just got :

  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/

 :: Spring Boot ::                (v4.0.3)

2026-03-30T07:13:54.226Z  INFO 1 --- [           main] o.o.w.WrongSecretsApplication            : Starting WrongSecretsApplication v1.13.2-SNAPSHOT using Java 25.0.2 with PID 1 (/application/application.jar started by wrongsecrets in /application)
2026-03-30T07:13:54.228Z  INFO 1 --- [           main] o.o.w.WrongSecretsApplication            : No active profile set, falling back to 1 default profile: "default"
2026-03-30T07:13:54.955Z  INFO 1 --- [           main] o.s.cloud.context.scope.GenericScope     : BeanFactory id=be7e551d-692d-38eb-890b-d86158c80e39
2026-03-30T07:13:55.074Z  INFO 1 --- [           main] o.s.boot.tomcat.TomcatWebServer          : Tomcat initialized with ports 8080 (http), 8090 (http)
2026-03-30T07:13:55.078Z  INFO 1 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2026-03-30T07:13:55.078Z  INFO 1 --- [           main] o.apache.catalina.core.StandardEngine    : Starting Servlet engine: [Apache Tomcat/11.0.18]
2026-03-30T07:13:55.088Z  INFO 1 --- [           main] b.w.c.s.WebApplicationContextInitializer : Root WebApplicationContext: initialization completed in 768 ms
2026-03-30T07:13:55.223Z  INFO 1 --- [           main] r$InitializeUserDetailsManagerConfigurer : Global AuthenticationManager configured with UserDetailsService bean with name userDetailsService
2026-03-30T07:13:55.528Z  INFO 1 --- [           main] o.o.w.definitions.ChallengeConfig        : Loaded 64 definitions and 66 challenges
2026-03-30T07:13:55.529Z  INFO 1 --- [           main] o.o.w.challenges.docker.Challenge8       : Generating random string for challenge 8: 2pf8Sl7uQZ
2026-03-30T07:13:55.598Z  INFO 1 --- [           main] o.s.b.w.a.WelcomePageHandlerMapping      : Adding welcome page template: index
2026-03-30T07:13:55.751Z  INFO 1 --- [           main] c.a.c.h.n.implementation.NettyUtility    : {"az.sdk.message":"The following Netty versions were found on the classpath and have a mismatch with the versions used by azure-core-http-netty. If your application runs without issue this message can be ignored, otherwise please align the Netty versions used in your application. For more information, see https://aka.ms/azsdk/java/dependency/troubleshoot.","azure-netty-version":"4.1.130.Final","azure-netty-native-version":"2.0.74.Final","classpath-netty-version-io.netty:netty-common":"4.2.10.Final","classpath-netty-version-io.netty:netty-handler":"4.2.10.Final","classpath-netty-version-io.netty:netty-handler-proxy":"4.2.10.Final","classpath-netty-version-io.netty:netty-buffer":"4.2.10.Final","classpath-netty-version-io.netty:netty-codec":"4.2.10.Final","classpath-netty-version-io.netty:netty-codec-http":"4.2.10.Final","classpath-netty-version-io.netty:netty-codec-http2":"4.2.10.Final","classpath-netty-version-io.netty:netty-transport-native-unix-common":"4.2.10.Final","classpath-netty-version-io.netty:netty-transport-native-epoll":"4.2.10.Final","classpath-netty-version-io.netty:netty-transport-native-kqueue":"4.2.10.Final","classpath-native-netty-version-io.netty:netty-tcnative-boringssl-static":"2.0.75.Final"}
2026-03-30T07:13:55.882Z  INFO 1 --- [           main] o.s.b.a.e.web.EndpointLinksResolver      : Exposing 3 endpoints beneath base path '/actuator'
2026-03-30T07:13:55.917Z  INFO 1 --- [           main] o.s.boot.tomcat.TomcatWebServer          : Tomcat started on ports 8080 (http), 8090 (http) with context path '/'
2026-03-30T07:13:55.928Z  INFO 1 --- [           main] o.o.w.WrongSecretsApplication            : Started WrongSecretsApplication in 2.037 seconds (process running for 2.377)
2026-03-30T07:14:45.924Z  INFO 1 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2026-03-30T07:14:45.924Z  INFO 1 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
2026-03-30T07:14:45.926Z  INFO 1 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 2 ms
2026-03-30T07:14:45.963Z  INFO 1 --- [nio-8080-exec-1] o.o.wrongsecrets.SessionConfiguration    : Session created, currently there are 1 sessions active
2026-03-30T07:15:00.700Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: aarch64
2026-03-30T07:15:00.701Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : OS Name detected: Linux
2026-03-30T07:15:00.701Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: linux
2026-03-30T07:15:00.712Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: aarch64
2026-03-30T07:15:00.712Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: aarch64
2026-03-30T07:15:00.712Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : First looking at location:'classpath:executables/wrongsecrets-swift-linux-musl-arm'
2026-03-30T07:15:00.712Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : You might be running this in a docker container, trying alternative path: '/home/wrongsecrets/wrongsecrets-swift-linux-musl-arm'
2026-03-30T07:15:00.768Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: aarch64
2026-03-30T07:15:00.769Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: linux
2026-03-30T07:15:00.769Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : Setting LD_LIBRARY_PATH for Swift binary: /opt/java/openjdk/lib/server:/opt/java/openjdk/lib
2026-03-30T07:15:00.773Z  INFO 1 --- [nio-8080-exec-9] o.o.w.c.d.b.BinaryExecutionHelper        : stdout challenge 63: This a secret
2026-03-30T07:15:03.192Z  INFO 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: aarch64
2026-03-30T07:15:03.192Z  INFO 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : OS Name detected: Linux
2026-03-30T07:15:03.192Z  INFO 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: linux
2026-03-30T07:15:03.195Z  INFO 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: aarch64
2026-03-30T07:15:03.196Z  INFO 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : System arch detected: aarch64
2026-03-30T07:15:03.196Z  INFO 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : First looking at location:'classpath:executables/wrongsecrets-dotnet-linux-musl-arm'
2026-03-30T07:15:03.197Z  INFO 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : You might be running this in a docker container, trying alternative path: '/home/wrongsecrets/wrongsecrets-dotnet-linux-musl-arm'
2026-03-30T07:15:03.198Z  WARN 1 --- [io-8080-exec-10] o.o.w.c.d.b.BinaryExecutionHelper        : Error executing:

java.io.FileNotFoundException: Source '/home/wrongsecrets/wrongsecrets-dotnet-linux-musl-arm' does not exist
	at org.apache.commons.io.FileUtils.checkFileExists(FileUtils.java:338) ~[commons-io-2.21.0.jar:2.21.0]
	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:876) ~[commons-io-2.21.0.jar:2.21.0]
	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:909) ~[commons-io-2.21.0.jar:2.21.0]
	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:811) ~[commons-io-2.21.0.jar:2.21.0]
	at org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper.createTempExecutable(BinaryExecutionHelper.java:240) ~[application.jar:1.13.2-SNAPSHOT]
	at org.owasp.wrongsecrets.challenges.docker.binaryexecution.BinaryExecutionHelper.executeCommand(BinaryExecutionHelper.java:90) ~[application.jar:1.13.2-SNAPSHOT]
	at org.owasp.wrongsecrets.challenges.docker.Challenge50.getAnswer(Challenge50.java:18) ~[application.jar:1.13.2-SNAPSHOT]
	at org.owasp.wrongsecrets.challenges.FixedAnswerChallenge.lambda$new$0(FixedAnswerChallenge.java:19) ~[application.jar:1.13.2-SNAPSHOT]
	at com.google.common.base.Suppliers$NonSerializableMemoizingSupplier.get(Suppliers.java:201) ~[guava-33.5.0-jre.jar:na]
	at org.owasp.wrongsecrets.challenges.FixedAnswerChallenge.spoiler(FixedAnswerChallenge.java:23) ~[application.jar:1.13.2-SNAPSHOT]
	at java.base/java.util.Optional.map(Unknown Source) ~[na:na]
	at org.owasp.wrongsecrets.challenges.ChallengesController.spoiler(ChallengesController.java:102) ~[application.jar:1.13.2-SNAPSHOT]
	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(Unknown Source) ~[na:na]
	at java.base/java.lang.reflect.Method.invoke(Unknown Source) ~[na:na]
	at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:252) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:184) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:934) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:853) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:86) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:866) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1000) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:892) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:622) ~[tomcat-embed-core-11.0.18.jar:6.1]
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:874) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:710) ~[tomcat-embed-core-11.0.18.jar:6.1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:128) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-11.0.18.jar:11.0.18]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:108) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.web.FilterChainProxy.lambda$doFilterInternal$3(FilterChainProxy.java:235) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$FilterObservation$SimpleFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:493) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:354) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator.lambda$wrapSecured$0(ObservationFilterChainDecorator.java:86) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:132) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.access.intercept.AuthorizationFilter.doFilter(AuthorizationFilter.java:101) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:181) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:198) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:96) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:118) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.transport.HttpsRedirectFilter.doFilterInternal(HttpsRedirectFilter.java:67) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:231) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:244) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:337) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:228) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:141) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:237) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:195) ~[spring-security-web-7.0.4.jar:7.0.4]
	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.filter.ServletRequestPathFilter.doFilter(ServletRequestPathFilter.java:52) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebSecurityConfiguration.java:317) ~[spring-security-config-7.0.4.jar:7.0.4]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.owasp.wrongsecrets.SecurityHeaderAddingFilter.doFilter(SecurityHeaderAddingFilter.java:23) ~[application.jar:1.13.2-SNAPSHOT]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.springframework.web.servlet.resource.ResourceUrlEncodingFilter.doFilter(ResourceUrlEncodingFilter.java:66) ~[spring-webmvc-7.0.5.jar:7.0.5]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:110) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:199) ~[spring-web-7.0.5.jar:7.0.5]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-7.0.5.jar:7.0.5]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:107) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:165) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:77) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:492) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:113) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:83) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:72) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:903) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1779) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:946) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:480) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:57) ~[tomcat-embed-core-11.0.18.jar:11.0.18]
	at java.base/java.lang.Thread.run(Unknown Source) ~[na:na]

[bendehaan]

Good to go!

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2470

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

📸 Visual Diff Available!

Screenshots have been generated comparing your changes with the main branch.

Download Visual Diff Artifacts

The artifacts contain:

• pr-home.png - Your version of the home page
• main-home.png - Current main branch home page
• pr-about.png - Your version of the about page
• main-about.png - Current main branch about page

Compare these images to see the visual impact of your changes!

---

_{Visual diff generated by GitHub Actions}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2470

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-831137f

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2470)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-831137f
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-831137f

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge64.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/binaryexecution/BinaryExecutionHelper.java
- src/main/resources/explanations/challenge64.adoc
- src/main/resources/explanations/challenge64_hint.adoc
- src/main/resources/explanations/challenge64_reason.adoc
- src/main/resources/templates/about.html

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Available!

Screenshots have been generated comparing your changes with the main branch.

Download Visual Diff Artifacts

The artifacts contain:

• pr-home.png - Your version of the home page
• main-home.png - Current main branch home page
• pr-about.png - Your version of the about page
• main-about.png - Current main branch about page

Compare these images to see the visual impact of your changes!

---

_{Visual diff generated by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2470}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-c0f9eb9

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2470)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-c0f9eb9
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-c0f9eb9

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge64.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/binaryexecution/BinaryExecutionHelper.java
- src/main/resources/explanations/challenge64.adoc
- src/main/resources/explanations/challenge64_hint.adoc
- src/main/resources/explanations/challenge64_reason.adoc
- src/main/resources/templates/about.html

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2470}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2470

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-c92a416

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2470)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 -p 8090:8090 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-c92a416
docker run -p 8080:8080 -p 8090:8090 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2470-c92a416

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge64.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/binaryexecution/BinaryExecutionHelper.java
- src/main/resources/explanations/challenge64.adoc
- src/main/resources/explanations/challenge64_hint.adoc
- src/main/resources/explanations/challenge64_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2470}