Cache

Finally rooted! Initial foothold was rather circuitous and there were many blind alleys to go through - it took me days to get the initial shell while root took only about 1-2 hours.

Foothold: Once you’ve found the H** that everyone is referring to, the fun begins here. At first, I had to sieve through the many vulnerabilities and decide which to use. In the end, I only relied on what was already available in a certain framework in my attacking box. I suspect there are multiple routes to get to the first web shell. I went the not-so-disruptive way but would be interested to hear of alternative methods that chains vulns together in different ways.

User 1: You might have found something previously which would help.

User 2: It’s a service related to the name of the box.

Root: Blue whale and something special about user 2. There could be slight variations in the root approach. I stumbled for a while before I realised I had to check on images before I could proceed.

Rooted! Feel free to ask me for tips

finally rooted!!!
Thanks @unknwon and @unmesh836 for the nudges.

Rooted! Thanks for all the tips and hints here. Feel free to ping me for any nudges! :smiley:

what am i supposed to do with m*******d?

hey everyone, I’m stuck on cache - I got the service and got the admin but I’m stuck - I know how to exploit the machine afterwards but I need the missing piece to do that, any tips would be appreciated , thanks.

Rooted box!

I want left one comment, what for me was pain and there is no nudge on the forum, pay attention how resolve juice string. This part was Foothold, the part more tricky.

Rooted.

Happy to provide hints, just let me know where you are and what you’ve tried.

finally rooted!! pm me if you need any nudges

Finally rooted
great thanks to @Dw0rdPwn3r
also many many thanks to you guys @ellj @CyberG33k

This has to be one of the most frustrating machines in the site. From the random hangs of the service to the weird errors on things that were working before…

Edit: Rooted it.

The initial foothold was harder than necessary in comparison with the root. But enjoyed it anyway.

what are good resources to learn docker hacking. google obviously. But in case someone has precise and good blogs/ channels etc. Thanks

Owned this machine finally. User part took some time and root privesc is very easy. One can do it in 1 mins under.
PM me for hints only. Let me know where you are now and what you did so far.
Happy to help.

Type your comment> @MrSHolmes said:

what are good resources to learn docker hacking. google obviously. But in case someone has precise and good blogs/ channels etc. Thanks

Dont take this personal, but srsly GTFO ! :smiley:

What a ride, always feel a bit confused with some part of user : bit of guessing or classic hacker knowledge .?? I really sucks at this part.
The root part is easy
Thanks @Dw0rdPwn3r and @unknwon for their help
Feel free to PM for nudge.

nice box

Done. PM if help needed

Is anyone struggling with O*****R Exploit

@alesawe said:

Is anyone struggling with O*****R Exploit

Read through some of the public documentation and try out the POC code provided. Then it should be fairly simple.

Type your comment> @enigmaNL said:

Type your comment> @MrSHolmes said:

what are good resources to learn docker hacking. google obviously. But in case someone has precise and good blogs/ channels etc. Thanks

Dont take this personal, but srsly GTFO ! :smiley:

haha…that was a good clue. I am reading it.