Links

Donnie Docker

Problem

I found this weird machine online, looks like they're using docker for security but I'm not sure their OPSEC is as good as they think!
ssh [email protected] -p 5000 password: umdctf

Solution

The docker socket is mounted inside the docker container. This allows us to run regular docker commands to communicate with the docker daemon, for instance mounting the host disk, and chroot-ing to it.
We find the flag.txt here:
Obtaining our flag:
Last modified 8mo ago