Escaping Web Server Docker Container with SSRF

We covered a Docker container running a web server that is vulnerable to server side request forgery. We used that vulnerability to execute system commands and gain access to sensitive information stored inside git commits. We learned that a Docker daemon runs on port 2375 but in order to probe and access that container we need to perform port knocking to open the port 2375. Afterwards, we mounted the complete host file system.. This was part of TryHackMe The GreatEscape.

Get OSCP Notes

Room Answers

Find the flag hidden in the webapp

Find the root flag?

Find the real root flag

Video Walkthrough

Dockers, TryHackMe Walkthrough, TryHackMeThe Great Escape

Show Comments

The MasterMinds Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Escaping Web Server Docker Container with SSRF | TryHackMeThe Great Escape

Leave a Reply Cancel reply

The MasterMinds Notes

About the Author

Other stories

Escaping Docker Containers Using Linux Capabilities | TryHackMe The Docker Rodeo

Exploiting Docker Container with E-Commerce Website | TryHackMe The Marketplace

Press ESC to close

Escaping Web Server Docker Container with SSRF | TryHackMeThe Great Escape

Leave a Reply Cancel reply

The MasterMinds Notes

About the Author

Share Article:

You might also like

Web Application Basics | TryHackMe Walkthrough

HackTheBox Sherlock: Meerkat Writeup and Walkthrough

LLM & AI Hacking: How AI is Being Exploited by Hackers | TryHackMe EvilGPT 1 & 2

Other stories

Escaping Docker Containers Using Linux Capabilities | TryHackMe The Docker Rodeo

Exploiting Docker Container with E-Commerce Website | TryHackMe The Marketplace