OWASP Juice Shop jingle / song

[bkimminich]

Hi @braimee! You thought I wouldn't seriously open this ticket, did you?

(Visitors, please upvote (:+1:) to increase pressure on Brian! Thank you!)

[7MinSec]

Ok I think this is a perfect place to brainstorm the creation of a JS jingle/song. Give me some time to get a snippet started and I'll post something here for discussion :-). If I write the song...how do we turn it into a pull request. Is that what you do on GitHub? I'm still a GitNewb.

[bkimminich]

You mean into a PR in the Juice Shop repository? I need to come up with a Find the forgotten audible masterpiece*-challenge first where the hackers have to find the MP3 file. Could make it even two challenges, one easier for finding the lyrics and one harder for the audio file.

You could then PR just the actual file(s) into the repo. I can guide you through that process when the time has come, no worries,

(*=working title)

[7MinSec]

Ah sorry. It was early in the morning when I wrote that post, and reading it now, it makes little sense. It was a joke that doesn't make sense...even to me.

Anyway, I'll get back to brainstorming the song. I hate to be a tease, but here's a snippet of the chorus I'm envisioning:

Juice Shop!
Juice Shop!

Billy Joel, eat your heart out.

[bkimminich]

The 🧀ier, the better! 😁

[7MinSec]

Expanding on the idea I have for a chorus:

Juice Shop!
Juice Shop!
You can order tasty beverages in any quantity
Juice Shop!
Juice Shop!
Just don't view the site with Burp Suite or you won't like what you see

[bkimminich]

Monthly coupons offering discounts on the whole inventory

But why make do with cut prices when you can also shop for free?

[7MinSec]

Yeah!

[hackern0v1c3]

Point SQLMap at juiceshop and watch the shells pop

[bkimminich]

Shopping twentyfour-seven all zero-day long? Only at the (insert chorus here)

[bkimminich]

I don't want to put any pressure on this totally voluntary side project that @braimee commited to, but I just kind of promised to play the jingle at this year's German OWASP Day in case they select my talk...

A lot more might still happen in the time between the submission of this abstract and the actual German OWASP Day. It might even have its own "commercial" jingle or song by then...

"Kind of promised", like I said... 🙊

PS: GoD will be end of November, so no rush... 🗓️

[7MinSec]

I can't handle the pressure!!!!!!!! Well...maybe I can. I'll try!

[7MinSec]

Just checking - is this still an issue? :-)

[bkimminich]

Well played, sir! Nice try! 😜

[7MinSec]

Hello @bkimminich. Our dev team had another project fall through this morning and are now shifting focus to resolve your issue. They told me to tell you they can't promise a complete fix, nor can they even promise the fix will be any good, but they should have something to show you by your GoD deadline.

[bkimminich]

So, we might be 👂'ing to a prototype or MVP of the jingle at GoD? That'd be awesome, and I'd gladly throw my Columbo-themed final slides out of my deck for that... 👍

[7MinSec]

At this point my team is telling me it will be an alpha release. They're actually recording it right now and will have a hard stop in about 30 mins and will share with you their creation at that time :-)

[7MinSec]

Ok @bkimminich, please check out the following link and let us know if it will work as a temporary patch, with a full release due sometime in 2019?

https://www.dropbox.com/s/ydjp51yj9zfq8d4/JuiceShopJingle.mp3?dl=0

When you want to shop online then you had better be sure
The experience is safe and also secure
 
Don't want to let no SQLi or cross-site scripting ruin your day
No, you want to break into a joyous song and say:

Juice Shop!
Juice Shop!
You can order tasty beverages in any quantity
Juice Shop!
Juice Shop!
Just don't test the site with Burp Suite or you won't like what you see

[7MinSec]

@bkimminich just checking...is the need for a full Juice Shop song still an open issue? Nobody's come along and already written one, right? :-)

[bkimminich]

To be honest, I think the Jingle works just fine as it is! Its level of polish just matches the Juice Shop mindset so nicely, and people loved it at conferences/meetups where I played it.

I think we can silently close this ticket and if no flurry of complaints comes in from either of our communities/user bases, then it should be ⚰️ for good... 😁

[7MinSec]

Hey there, sorry this was my poor attempt at musician/developer humor and I failed. I still have plans for more verses and a bridge actually. I just hadn’t updated this issue in forever so I figured I should give it some sort of bump.

Reopening! (Although I don’t have a ETA on fully resolving this yet 😏).

[bkimminich]

(Ah, reverse psychology always works...) ... wait, did I actually submit that? 👼

[supereldar]

We totally need this one

[bkimminich]

Just for the record and anyone who doubted how popular the mini-jingle is, here's an actual ticket requesting the guitar tabs for it: juice-shop/juice-shop#1286

[7MinSec]

Hello everybody. Wanted to let you know that I'm very close to closing the "issue" with there not being a full OWASP Juice Shop Jingle in the world. I'm currently waiting for my podcast host to resolve a CDN issue so I can release this week's episode which is a DOUBLE HEADER! I'm releasing TWO original security-themed songs for the price of zero! Can't wait to share the tunes with you.

[7MinSec]

Ok @bkimminich , it's ready. Please enjoy the worldwide debut of the full version of the OWASP Juice Shop Jingle: https://soundcloud.com/braimee/owasp-juice-shop-jingle

---

VERSE 1
When you want to shop online then you had better be sure
The experience is safe and also secure

Don't want to let no SQLi or cross-site scripting ruin your day
No, you want to break into a joyous song and say:

CHORUS 1
Juice Shop! Juice Shop!
You can order tasty beverages in any quantity
Juice Shop! Juice Shop!
Just don't test the site with Burp Suite or you won't like what you see

VERSE 2
Now if you're feeling kinda sneaky and you're inclined to explore
You might find inside the Juice Shop a hidden score board
It will point you towards a vuln'rability or maybe two
And when you're done you'll say, "This site should get a code review!"

CHORUS 2
Juice Shop! Juice Shop!
It has got more holes then a warehouse filled with gallons of Swiss cheese
Juice Shop! Juice Shop!
It's a wet nightmare of broken code that'll bring you to your knees

BRIDGE
I wouldn't let my credit card go anywhere that’s near it
If you give Juice Shop your password then you should surely fear it

VERSE 3
So in conclusion I would like to say a final thing or two
I won't be shopping at The Juice Shop with my coupon code for June
The site is nothing more than one big pile of HTTP fail
Whoever made this site should rot for years in Internet jail

CHORUS 1
Juice Shop! Juice Shop!
You can order tasty beverages in any quantity
Juice Shop! Juice Shop!
Just don't test the site with Burp Suite or you won't like what you see

[ghost]

Hello again ! :)
I'm the person who ask you the chords on the jingle. I saw that you have developed it... :D
Can we have the arpeggios version of this music, or you didn't realize it with the expansion ?
By the way (and to answer to a private message) : yes, I will take a video of myself playing guitar and singing. Even if I'm French and I'm not a monster in guitar. ;)
Brynanum

[7MinSec]

@Brynanum I'm incredibly sorry for the late reply! Please remind me, did I answer your questions? And @bkimminich was this issue closed to your satisfaction? :-)

[bkimminich]

Oh absolutely, sir! By now the jingle was played 14,500 times, which probably makes it the "Most played jingle of an Open Source project ever", should the Guiness Book of World Records ever have that category... 😆

[ghost]

You didn't give me a complete arpeggios version, but only notes on the 1st verse and chorus...
But this is fine for me :)

[7MinSec]

@Brynanum admittedly, I'm a guitar hack and I fake arpeggios until I make them. Any guitar picking guidance I were to provide would probably make you just go "HUH?" :-)

[ghost]

Do not worry, I understand completely. x)