Escaping Web Server Docker Container with SSRF

We covered a Docker container running a web server that is vulnerable to server side request forgery. We used that vulnerability to execute system commands and gain access to sensitive information stored inside git commits. We learned that a Docker daemon runs on port 2375 but in order to probe and access that container we need to perform port knocking to open the port 2375. Afterwards, we mounted the complete host file system.. This was part of TryHackMe The GreatEscape.

Get OSCP Notes

Room Answers

Find the flag hidden in the webapp

Find the root flag?

Find the real root flag

Video Walkthrough

Dockers, tryhackme, TryHackMeThe Great Escape

Show Comments

MasterMind Study Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Escaping Web Server Docker Container with SSRF | TryHackMeThe Great Escape

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Press ESC to close

Escaping Web Server Docker Container with SSRF | TryHackMeThe Great Escape

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Share Article:

You might also like

OffSec Proving Grounds: Crane Walkthrough | OSCP Prep

HackTheBox Spookypass Challenge Writeup

HackTheBox Permx Writeup