This article provides a comprehensive guide on how to play a challenge on the platform. We will explain all the different stages and how to successfully complete each one.
You can also watch the video below for some guidance on how to play a challenge.
Before we dig in, It's important to note that as you play challenges some features may not be available depending on the module in which you are playing.
Hints | Retries | Solutions explanation | Reveal Answer | |
Training | Yes | Yes | Yes | Yes |
Courses | Configurable | Yes | Yes | No |
Assessments | No | No | No | No |
Tournaments | Configurable | Max 3 lives/retries per stage | Yes | No |
Stages
Select the Vulnerability Category
In this stage, you will be provided with several categories with their respective sub-categories to choose from. The code in this challenge relates to one of these categories.
Your goal is to analyze the vulnerable chunk (marked with the red “X”) and figure out what vulnerability begins at that point. Once you have looked through the code, select the category that most relates to the vulnerability seen in the code.
After you select a vulnerability press the “Submit” button. You will be notified whether you are correct or incorrect.
Locate Vulnerability
In this stage, you will be presented with an app with some files marked as vulnerable (⚠️) and each of which includes one or more vulnerable code chunks.
Look through All files marked with the caution mark ⚠️ and select the code chunk where the vulnerability is first introduced (This is not necessarily where the most important fix occurs)
Tip: You can use the Quickswitch arrows (⬆️ ⬇️) which will jump between all files marked as vulnerable or use the Jump buttons (⬅️ ➡️) to jump between all the vulnerable code blocks.
Click “Next” to submit your answer. You will then be informed whether you have passed or failed the stage.
Note: If this challenge is Hard difficult, you may be required to select multiple code chunks.
Identify Solution
In this stage, you will be presented with the vulnerable code (on the left) and 4 possible solutions to fix this code (on the right). After analyzing the differences in the solutions, find which one looks to be the most secure.
Click the "View Solutions" button to view solutions.
After you find the solution you believe is correct, click the "Accept" button in the top right to choose that solution. You then will be informed whether your answer was correct/incorrect
FAQ:
1. Can a challenge have identical solutions?
No, check out this article about Identical Solutions, and make sure you look out for changes in other files in this challenge.
2. Why one of the solution files is blank?
There's nothing wrong with the solution. It simply means the solution you're currently viewing recommends deleting the selected file. Please read this article for more details Why is one of the Solution files blank?
Related Links:
- What do the markings in the challenge screen mean?
- Am I supposed to know the most up-to-date/secure version of every component?
- How to Wrap the text when playing a challenge in Secure Code Warrior?
- What does Basic language mean?
- What Does the "Fetching Source File" Message Mean?
Comments
0 comments
Please sign in to leave a comment.