We covered the fifth part of exploiting Docker containers. We discussed one of the popular methods of escaping Docker containers, that is, exploiting misconfigured permissions, namely, Linux capabilities granted to Dockers. Using this method we can mount specific sensitive files and hashes from the host file system to a directory of our choice on the Docker container. This was part of TryHackMe The Docker Rodeo.

Room Answers

Does Docker run on a Hypervisor? (Yay/Nay)

What is the port number of the 2nd Docker registry?

What is the name of the repository within this registry?

What is the name of the tag that has been published?

What is the Username in the database configuration?

What is the Password in the database configuration?

What is the “IMAGE_ID” for the “challenge” Docker image that you just downloaded?

Using Dive, how many “Layers” are there in this image?

What user is successfully added?

Contents of “flag.txt” from the host operating system

Video Walkthrough

Dockers, tryhackme, TryHackMe The Docker Rodeo

Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles

Escaping Docker Containers Using Linux Capabilities | TryHackMe The Docker Rodeo

Leave a Reply Cancel reply

Motasem

About the Author

Other stories

Vulnerability Management Explained | Scanning Vulnerabilities with OpenVas | TryHackMe

Escaping Web Server Docker Container with SSRF | TryHackMeThe Great Escape

Press ESC to close

Escaping Docker Containers Using Linux Capabilities | TryHackMe The Docker Rodeo

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

Other stories

Vulnerability Management Explained | Scanning Vulnerabilities with OpenVas | TryHackMe

Escaping Web Server Docker Container with SSRF | TryHackMeThe Great Escape