We covered the solution to the Docker VulnHub lab, in which we performed a penetration test of a Docker container running a WordPress website.

Command Injection

Docker containers are used for virtualization, offering speed, flexibility and security. They are much like virtual machines in that they run separately, except that containers share the kernel of the host OS as well as its RAM and CPU resources.

By definition, containerization is the process of packaging an application and the resources it requires (such as libraries and packages) into one package, named a container, to make it portable and run faster.

Docker looks similar to virtual machines, but the difference is that it runs directly on the kernel of the host by virtualising the OS, not the hardware. The Docker service runs on the host itself and containers run on top of it.
Virtual machines are considered more secure since they are more isolated and have their own operating system.

environment: This instruction is used to pass environment variables, e.g. passwords, usernames, etc.
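
Values passed through the environment instruction are stored in the container's configuration and appear under Config.Env in `docker inspect` output, so anyone who can inspect the container can read them. The following audit is an added example, not part of the original write-up; the container names and variable values are constructed samples, and the name pattern is an assumption about what counts as a credential.

```python
import json
import re

# Names that usually hold credentials (assumed pattern, adjust to your naming).
SECRET_NAME = re.compile(r"(PASS(WORD|WD)?|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY)", re.I)

def audit_inspect(inspect_json):
    """Return (container, variable) pairs that hold a plaintext credential."""
    findings = []
    for container in json.loads(inspect_json):
        name = container.get("Name", "").lstrip("/")
        for entry in (container.get("Config") or {}).get("Env") or []:
            key, _, value = entry.partition("=")
            if key.upper().endswith("_FILE"):
                continue  # value is a path to a mounted secret, not the secret itself
            if value and SECRET_NAME.search(key):
                findings.append((name, key))  # report the name only, never the value
    return findings

# Constructed sample shaped like the JSON array printed by `docker inspect`.
SAMPLE = json.dumps([
    {"Name": "/wordpress", "Config": {"Env": [
        "WORDPRESS_DB_USER=wp",
        "WORDPRESS_DB_PASSWORD=example-only",
        "PATH=/usr/local/bin:/usr/bin",
    ]}},
    {"Name": "/db", "Config": {"Env": [
        "MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root",
        "MYSQL_DATABASE=wordpress",
    ]}},
])

if __name__ == "__main__":
    for container, key in audit_inspect(SAMPLE):
        print(f"{container}: {key} is set in plaintext in the container environment")
```

Variables ending in _FILE are skipped because they carry only the path of a secret file mounted into the container, which keeps the credential out of the inspectable environment.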


Video Walkthrough | Part 1

In the second part, we demonstrated Linux privilege escalation through the unzip command.