Situational awareness
Now that we have access to the shell of the Docker container, we should look around and see what else we can find. As we've mentioned before, Docker containers are not VMs. They contain just enough binaries for the application to function.
Since we have shell access on the container, we are constrained to the environment it provides. If the application doesn't rely on ifconfig
, for example, it will likely not be packaged with the container and therefore would be unavailable to us now.
We can confirm that our environment is somewhat limited by calling:
weevely> ifconfig sh: 1: ifconfig: not found weevely> wget sh: 1: wget: not found weevely> nmap sh: 1: nmap: not found
We do, however, have access to curl
, which we can use in place of wget
:
weevely> curl curl: try 'curl --help' or 'curl --manual' for more information
In the worst-case scenario, we could also upload the binaries through Weevely's :file_upload
command...