In this post, we’re starting a new series: the Advent of Cyber series hosted by TryHackMe. This is the third year of Advent of Cyber, where a challenge is released every day leading up to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy, an elf trying to save Christmas.

In our eighteenth challenge, we’re presented with a scenario where the Grinch has been boasting about their attack in an underground forum. The Grinch has been targeting organizations with campaigns named “Advent of Cyber”. We need to figure out what tooling Grinch Enterprises is using.

The topic explored in this challenge is containers. A container is a virtualization concept similar to a virtual machine. The virtualization software we’re going to use for this challenge is Docker. One important thing to note about containers is that they’re a snapshot in time: once you build or create a container, you cannot modify it, and it will work the same forever. This can be good and bad. Good if you’re developing and want to ship your code to a friend to play with, or release it to production (live). Bad if you have secrets or API keys lying around in your code: if you create a container with API keys sitting unsecured in it, those keys are baked in when you build the container and will be viewable by anyone who has the container. This will be useful in our challenge.
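To make the “secrets baked into a container are viewable by anyone who has it” point concrete, here is an added example (my own code, not part of the TryHackMe room or this post) that builds a small archive in the layout `docker save` produces (a `manifest.json` naming a config file and a list of layer tars) and then scans every layer for credential-looking strings. The API key and the Dockerfile history entries are constructed sample values. The point it demonstrates is that a file removed in a later build step (a `RUN rm`, recorded as a whiteout entry) is still sitting in the earlier layer, so the key is still recoverable.

```python
import io
import json
import re
import tarfile

# Patterns a simple secret scanner might look for. Constructed examples, not an exhaustive list.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(rb"AKIA[0-9A-Z]{16}"),
    "generic_api_key": re.compile(rb"(?i)api[_-]?key\s*[=:]\s*['\"]?([A-Za-z0-9_\-]{16,})"),
}


def _tar_bytes(files):
    """Build an in-memory tar archive from a {name: bytes} mapping (used to construct sample layers)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def build_sample_image():
    """Construct a minimal `docker save`-style archive (sample data, not a real image).

    Layer 1 copies in a config file holding a fake API key; layer 2 'deletes' it with a
    whiteout entry, which is how a `RUN rm` shows up. The bytes still live in layer 1.
    """
    layer1 = _tar_bytes({
        "app/config.py": b"API_KEY = 'sk_live_CONSTRUCTED_EXAMPLE_KEY_1234'\n",
        "app/main.py": b"print('hello')\n",
    })
    layer2 = _tar_bytes({"app/.wh.config.py": b""})  # whiteout marker: file removed in this layer
    config = {
        "history": [
            {"created_by": "COPY app /app"},
            {"created_by": "RUN rm /app/config.py"},
        ]
    }
    manifest = [{"Config": "config.json", "Layers": ["layer1/layer.tar", "layer2/layer.tar"]}]
    return _tar_bytes({
        "manifest.json": json.dumps(manifest).encode(),
        "config.json": json.dumps(config).encode(),
        "layer1/layer.tar": layer1,
        "layer2/layer.tar": layer2,
    })


def history_commands(archive_bytes):
    """Return the build steps recorded in the image config, like `docker history` would show."""
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as outer:
        manifest = json.load(outer.extractfile("manifest.json"))
        config = json.load(outer.extractfile(manifest[0]["Config"]))
    return [entry["created_by"] for entry in config["history"]]


def scan_image_archive(archive_bytes):
    """Walk every layer listed in manifest.json and return (layer_index, path, pattern_name) findings.

    Each layer is scanned independently, so content that a later layer deletes is still found.
    """
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as outer:
        manifest = json.load(outer.extractfile("manifest.json"))
        for idx, layer_name in enumerate(manifest[0]["Layers"]):
            layer_data = outer.extractfile(layer_name).read()
            with tarfile.open(fileobj=io.BytesIO(layer_data)) as layer:
                for member in layer.getmembers():
                    if not member.isfile():
                        continue
                    content = layer.extractfile(member).read()
                    for name, pattern in SECRET_PATTERNS.items():
                        if pattern.search(content):
                            findings.append((idx, member.name, name))
    return findings


if __name__ == "__main__":
    image = build_sample_image()
    for step, cmd in enumerate(history_commands(image)):
        print(f"layer {step}: {cmd}")
    for layer_idx, path, kind in scan_image_archive(image):
        print(f"possible {kind} in layer {layer_idx}: {path}")
```

Running the script lists the two build steps and then reports the key in layer 0 even though layer 1 removed the file. The mitigation follows from the same fact: keep secrets out of the build entirely (inject them at run time or through a build-secret mechanism) rather than copying them in and deleting them later, and scan saved images this way before they are shipped.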

Can McSkidy find more info on the attack tooling Grinch Enterprises is using? Find out below!

