We covered the fifth part of exploiting Docker containers. We discussed one of the popular methods of escaping Docker containers, that is, exploiting misconfigured permissions, namely, Linux capabilities granted to Dockers. Using this method we can mount specific sensitive files and hashes from the host file system to a directory of our choice on the Docker container. This was part of TryHackMe The Docker Rodeo.
What is the name of the repository within this registry?
What is the name of the tag that has been published?
What is the Username in the database configuration?
What is the Password in the database configuration?
Using Dive, how many “Layers” are there in this image?
What user is successfully added?