Docker – MCYSEKA-Maritime Cyber Security Knowledge Archive

Hack The Box: Artificial Machine Walkthrough – Easy Diffucilty

Hacking the “Artificial” Machine on Hack The Box!

Conquered the “Artificial” machine on Hack The Box! 🕵️‍♂️ I scanned the target, identified a web server on port 80, and created an account to access its dashboard, where I uploaded a malicious .h5 file to trigger a reverse shell. Using a Docker environment, I gained a shell as the app user, found a SQLite database (users.db), and cracked its password hashes to reveal credentials for user “gael,” allowing me to grab the user flag via SSH from user.txt. For root, I discovered port 9898 running Backrest, forwarded it, and enumerated backup files, finding a bcrypt-hashed password in config.json. Decoding a base64 value yielded a plaintext password, granting access to the Backrest dashboard, where I exploited the RESTIC_PASSWORD_COMMAND to trigger a root shell and secure the root flag from root.txt.

#Cybersecurity #HackTheBox #CTF #PenetrationTesting #PrivilegeEscalation

The post Hack The Box: Artificial Machine Walkthrough – Easy Diffucilty appeared first on Threatninja.net.

October 25, 2025

0 comment

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service

Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers.

September 24, 2025

0 comment

Exposed Docker APIs Likely Exploited to Build Botnet

Hackers mount the host’s file system into fresh containers, fetch malicious scripts over the Tor network, and block access to the Docker API.
The post Exposed Docker APIs Likely Exploited to Build Botnet appeared first on SecurityWeek.

September 9, 2025

0 comment

New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs

Akamai finds new Docker malware blocking rivals on exposed APIs, replacing cryptominers with tools that hint at early botnet development.

September 9, 2025

0 comment

Docker Desktop Vulnerability Allowed Host Takeover on Windows, macOS

A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS was fixed. The flaw allowed a malicious…

August 27, 2025

0 comment

Docker fixes critical Desktop flaw allowing container escapes

Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed a critical vulnerability, tracked as CVE-2025-9074 (CVSS score of 9.3), impacting Docker Desktop app for Windows and macOS. An attacker can exploit the flaw to potentially escape […]

August 26, 2025

0 comment

Behind the code: How developers work in 2025

How are developers working in 2025? Docker surveyed over 4,500 people to find out, and the answers are a mix of progress and ongoing pain points. AI is gaining ground but still unevenly used. Security is now baked into everyday workflows. Most devs hav…

July 11, 2025

0 comment

Crypto mining campaign targets Docker environments with new evasion technique

New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. The malware campaign targets Docker environments to deploy a malicious node connected to Teneo, a decentralized infrastructure network. […]

April 23, 2025

0 comment

Incomplete Patch Leaves NVIDIA and Docker Users at Risk

NVIIA’s incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized environments. This article explains the risks and mitigation strategies.

April 14, 2025

0 comment

1 2 3

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31