We covered a Docker container running a web server that is vulnerable to server side request forgery. We used that vulnerability to execute system commands and gain access to sensitive information stored inside git commits. We learned that a Docker daemon runs on port 2375 but in order to probe and access that container we need to perform port knocking to open the port 2375. Afterwards, we mounted the complete host file system.. This was part of TryHackMe The GreatEscape.

Get OSCP Notes

Room Answers

Find the flag hidden in the webapp
Find the root flag?
Find the real root flag

Video Walkthrough

, ,
Show Comments

Motasem

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles