docker
Let's begin with Docker networking
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker network ls
NETWORK ID NAME DRIVER SCOPE
f9b24ce95506 bridge bridge local
51d655520585 host host local
d8713935ea94 none null local
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker network inspect bridge
[
{
"Name": "bridge",
"Id": "f9b24ce955067fa526360e91951674d9cc16de73917d079470587272c6f0127c",
"Created": "2022-08-01T17:13:17.266757822-04:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker pull kalilinux/kali-rolling
Using default tag: latest
latest: Pulling from kalilinux/kali-rolling
c44a5498bf98: Pull complete
Digest: sha256:f2ed86a0504055c6920915decc2be75cc3ecc836b255bb0a34263a7e39cfb24f
Status: Downloaded newer image for kalilinux/kali-rolling:latest
docker.io/kalilinux/kali-rolling:latest
NOTE: To identify the containers, we give each one a name when we run it; in this case we will call it "Container_Kali":
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker run -ti --name Container_Kali kalilinux/kali-rolling /bin/bash
┌──(root㉿ba54ccb86aeb)-[/]
└─# uname -a
Linux ba54ccb86aeb 5.18.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07) x86_64 GNU/Linux
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$sudo apt update && sudo apt dist-upgrade
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$sudo apt autoremove && sudo apt clean
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$apt install kali-tools-top10 #Install the top 10 kali apps
......
.....
REDACTED
.....
......
Setting up burpsuite (2022.7.1-0kali1) ...
Setting up hydra (9.3-3+b1) ...
Setting up kali-tools-top10 (2022.3.10) ...
Processing triggers for ca-certificates (20211016) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Processing triggers for libc-bin (2.33-8) ...
Processing triggers for libgdk-pixbuf-2.0-0:amd64 (2.42.8+dfsg-2) ...
Processing triggers for ca-certificates-java (20220719) ...
done.
NOTE: Install any additional packages and binaries here
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ba54ccb86aeb kalilinux/kali-rolling "/bin/bash" 14 minutes ago Exited (127) 5 seconds ago Container_Kali
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker start Container_Kali
Container_Kali
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker exec -it Container_Kali /bin/bash
┌──(root㉿ba54ccb86aeb)-[/]
└─#
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker commit Container_Kali imagen-kali
sha256:b5bb0ecd3c673411638e8c7588b455ef7a914ec73de7e4d3d60d259987eb97f8
┌──(leonuz㉿sniperhack)-[~/DOCKER-IMG] # let's first go to where we want the image to be stored
└─$ docker save -o kali-top10.tar imagen-kali
┌──(leonuz㉿sniperhack)-[~/DOCKER-IMG]
└─$ ls -la
total 3552068
drwxr-xr-x 2 leonuz leonuz 4096 Aug 1 18:13 .
drwxr-xr-x 50 leonuz leonuz 4096 Aug 1 18:12 ..
-rw------- 1 leonuz leonuz 3637301760 Aug 1 18:13 kali-top10.tar
┌──(leonuz㉿sniperhack)-[~/DOCKER-IMG]
└─$ docker load -i kali-top10.tar
Loaded image: imagen-kali:latest
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker run -ti imagen-kali /bin/bash
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker pull bkimminich/juice-shop
Using default tag: latest
latest: Pulling from bkimminich/juice-shop
Digest: sha256:35fce029db378b200a92dbdb1587100d562458637fc776ff85e713e0ef793000
Status: Image is up to date for bkimminich/juice-shop:latest
docker.io/bkimminich/juice-shop:latest
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker run -d -p 3000:3000 --name Container_Juice_Shop bkimminich/juice-shop
09c91a7efcaab6b973dda8c56015bf34c121fe2ad2b6132e37e1a2b109240db5
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker pull opendns/security-ninjas
Using default tag: latest
latest: Pulling from opendns/security-ninjas
Image docker.io/opendns/security-ninjas:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
e190868d63f8: Pull complete
909cd34c6fd7: Pull complete
0b9bfabab7c1: Pull complete
a3ed95caeb02: Pull complete
f0df993c3aef: Pull complete
09358b20e8bc: Pull complete
5b0e1b98c45e: Pull complete
9c00e77d73a9: Pull complete
fe8e16791cf6: Pull complete
ac8b0ffa2b98: Pull complete
94051df6e066: Pull complete
Digest: sha256:aae15b7ca2827f1d4fcc5b38a238e8a207f1ebc1bd5eef921cef97f5f6262994
Status: Downloaded newer image for opendns/security-ninjas:latest
docker.io/opendns/security-ninjas:latest
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker run -d -p 8899:80 --name Container_Security_Ninjas opendns/security-ninjas
f93fa3070c578e41153e064e3f9479cd94ab4ba9b92e0674b87e9765f1e9b0e7
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker inspect Container_Juice_Shop
[
{
"Id": "09c91a7efcaab6b973dda8c56015bf34c121fe2ad2b6132e37e1a2b109240db5",
"Created": "2022-08-02T00:34:41.972916867Z",
"Path": "/nodejs/bin/node",
"Args": [
"/juice-shop/build/app.js"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 20254,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-08-02T00:34:42.270421195Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:0df4899ababb02713f97f72bcc4d514fac0badae3190f4bb231d30628fd0a9a9",
"ResolvConfPath": "/var/lib/docker/containers/09c91a7efcaab6b973dda8c56015bf34c121fe2ad2b6132e37e1a2b109240db5/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/09c91a7efcaab6b973dda8c56015bf34c121fe2ad2b6132e37e1a2b109240db5/hostname",
"HostsPath": "/var/lib/docker/containers/09c91a7efcaab6b973dda8c56015bf34c121fe2ad2b6132e37e1a2b109240db5/hosts",
"LogPath": "/var/lib/docker/containers/09c91a7efcaab6b973dda8c56015bf34c121fe2ad2b6132e37e1a2b109240db5/09c91a7efcaab6b973dda8c56015bf34c121fe2ad2b6132e37e1a2b109240db5-json.log",
"Name": "/Container_Juice_Shop",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"3000/tcp": [
{
"HostIp": "",
"HostPort": "3000"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "private",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": null,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/0de7ef0f2b227660610eba873bfca7c1f338845c50dd12c25850c1eb0063f844-init/diff:/var/lib/docker/overlay2/76f2ed7fc1b5dd5da8f8c9a870387bfb514f95ba2309b7b212cac678cdba70aa/diff:/var/lib/docker/overlay2/e8eedff361cc53e25c4dcadf12a0153a637c53efcc29c7343e940d000c8565f6/diff:/var/lib/docker/overlay2/44c2c153ca59bc425c35aed5f821b0f2f48c05a051fca05e29a99f4cb5628091/diff:/var/lib/docker/overlay2/3722edb6374c5b9b4c17dbdae97c2d8e83a320d98eb82686c29bc7763f66b9ad/diff:/var/lib/docker/overlay2/3abdfdf1a7a613cbf79d54a5531e90a764f411ec98db02783dcb43de7ef51714/diff:/var/lib/docker/overlay2/712f15ff03b276935de9e4254e0c446df539b58549eedd67e0d444e77c1feb0b/diff",
"MergedDir": "/var/lib/docker/overlay2/0de7ef0f2b227660610eba873bfca7c1f338845c50dd12c25850c1eb0063f844/merged",
"UpperDir": "/var/lib/docker/overlay2/0de7ef0f2b227660610eba873bfca7c1f338845c50dd12c25850c1eb0063f844/diff",
"WorkDir": "/var/lib/docker/overlay2/0de7ef0f2b227660610eba873bfca7c1f338845c50dd12c25850c1eb0063f844/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "09c91a7efcaa",
"Domainname": "",
"User": "65532",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"3000/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt"
],
"Cmd": [
"/juice-shop/build/app.js"
],
"Image": "bkimminich/juice-shop",
"Volumes": null,
"WorkingDir": "/juice-shop",
"Entrypoint": [
"/nodejs/bin/node"
],
"OnBuild": null,
"Labels": {
"maintainer": "Bjoern Kimminich <bjoern.kimminich@owasp.org>",
"org.opencontainers.image.authors": "Bjoern Kimminich <bjoern.kimminich@owasp.org>",
"org.opencontainers.image.created": "”2022-07-04T15:18:30Z”",
"org.opencontainers.image.description": "Probably the most modern and sophisticated insecure web application",
"org.opencontainers.image.documentation": "https://help.owasp-juice.shop",
"org.opencontainers.image.licenses": "MIT",
"org.opencontainers.image.revision": "2ed18c9",
"org.opencontainers.image.source": "https://github.com/juice-shop/juice-shop",
"org.opencontainers.image.title": "OWASP Juice Shop",
"org.opencontainers.image.url": "https://owasp-juice.shop",
"org.opencontainers.image.vendor": "Open Web Application Security Project",
"org.opencontainers.image.version": "14.1.1"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "1211398d0e279d63c31e8c8484494ded8067efd8de3408934764d59faf15f2bd",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"3000/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "3000"
},
{
"HostIp": "::",
"HostPort": "3000"
}
]
},
"SandboxKey": "/var/run/docker/netns/1211398d0e27",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "c990c4b40e1a42c7d3df47087ae16800d9305102b12f73f8d7ab6b44aa671dae",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "f9b24ce955067fa526360e91951674d9cc16de73917d079470587272c6f0127c",
"EndpointID": "c990c4b40e1a42c7d3df47087ae16800d9305102b12f73f8d7ab6b44aa671dae",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
}
}
}
}
]
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' Container_Juice_Shop
172.17.0.3
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker container stop $(docker container ls -a -q)
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$docker system prune -a
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f93fa3070c57 opendns/security-ninjas "/bin/sh -c '/usr/sb…" 8 minutes ago Up 8 minutes 0.0.0.0:8899->80/tcp, :::8899->80/tcp Container_Security_Ninjas
09c91a7efcaa bkimminich/juice-shop "/nodejs/bin/node /j…" 34 minutes ago Up 34 minutes 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp Container_Juice_Shop
ba54ccb86aeb kalilinux/kali-rolling "/bin/bash" 4 hours ago Up 4 hours Container_Kali
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' Container_Kali
172.17.0.2
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' Container_Juice_Shop
172.17.0.3
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' Container_Security_Ninjas
172.17.0.4
┌──(leonuz㉿sniperhack)-[~/Pentest-Lab]
└─$ ip a #OUTPUT REDACTED
1: lo: <LOOPBACK,UP,LOWER_UP>
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP>
inet 192.168.27.154/24 brd 192.168.27.255
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP>
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
7: vetheb3c3c4@if6: <BROADCAST,MULTICAST,UP,LOWER_UP>
39: vethbc1a24d@if38: <BROADCAST,MULTICAST,UP,LOWER_UP>
41: veth892cd45@if40: <BROADCAST,MULTICAST,UP,LOWER_UP>
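The `docker ps` and `ip a` output above shows both vulnerable apps published on 0.0.0.0 and ::, so they answer on the host's eth0 address as well as on the docker0 bridge. The following is an added example (not part of the original writeup) that audits `docker inspect` JSON for such bindings; the sample data is constructed from the values above, and the Loopback_Only_Example entry is hypothetical.

```python
import ipaddress
import json

# Constructed sample: `docker inspect` output trimmed to the fields read here.
# The first three entries mirror the lab; the last one is hypothetical.
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/Container_Juice_Shop", "NetworkSettings": {"Ports": {"3000/tcp": [
    {"HostIp": "0.0.0.0", "HostPort": "3000"}, {"HostIp": "::", "HostPort": "3000"}]}}},
 {"Name": "/Container_Security_Ninjas", "NetworkSettings": {"Ports": {"80/tcp": [
    {"HostIp": "0.0.0.0", "HostPort": "8899"}, {"HostIp": "::", "HostPort": "8899"}]}}},
 {"Name": "/Container_Kali", "NetworkSettings": {"Ports": {}}},
 {"Name": "/Loopback_Only_Example", "NetworkSettings": {"Ports": {
    "3000/tcp": [{"HostIp": "127.0.0.1", "HostPort": "3001"}], "9229/tcp": null}}}
]""")


def classify_bind(host_ip):
    """Classify a HostIp value as 'all-interfaces', 'loopback' or 'specific'."""
    if host_ip == "":
        # Empty HostIp falls back to the bridge default (host_binding_ipv4, 0.0.0.0 here).
        return "all-interfaces"
    addr = ipaddress.ip_address(host_ip)
    if addr.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback" if addr.is_loopback else "specific"


def audit_published_ports(inspect_data):
    """Return one (container, container_port, host_ip, host_port, scope) per binding."""
    findings = []
    for container in inspect_data:
        name = container["Name"].lstrip("/")
        ports = container.get("NetworkSettings", {}).get("Ports") or {}
        for container_port, bindings in ports.items():
            for b in bindings or []:  # exposed but unpublished ports are null
                findings.append((name, container_port, b["HostIp"], b["HostPort"],
                                 classify_bind(b["HostIp"])))
    return findings


def reachable_off_host(findings):
    """Names of containers with a binding that other machines can reach."""
    return sorted({f[0] for f in findings if f[4] != "loopback"})


if __name__ == "__main__":
    results = audit_published_ports(SAMPLE_INSPECT)
    for name, cport, ip, hport, scope in results:
        fix = "" if scope == "loopback" else f"  -> use -p 127.0.0.1:{hport}:{cport.split('/')[0]}"
        print(f"{name:28} {ip or '(default)'}:{hport} -> {cport:9} [{scope}]{fix}")
    print("Reachable from other hosts:", reachable_off_host(results))
```

To audit a live host, pass `audit_published_ports` the parsed output of `docker inspect $(docker ps -q)` in place of the sample.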