Myles Nieman
← All writeups

Docker

2 writeups

Data

Easy

An unauthenticated Grafana path-traversal (CVE-2021-43798) exposes the SQLite database, leaking PBKDF2 password hashes that crack to yield SSH access; …

Linux

Toolbox

Easy

SQL injection in a PostgreSQL-backed login form yields an os-shell inside a Docker container; the Docker Toolbox VM is reachable via SSH with default …

Windows