Hackfail.htb - !exclusive!

If /var/run/docker.sock is accessible, you can use it to spawn a new container that mounts the host's root filesystem. 👑 Phase 4: Privilege Escalation to Root

Browse through public repositories. Look for configuration files (like .env or config.php ) that might contain secrets. Exploit Git Hooks: If you find a repository you can edit: Navigate to Settings > Git Hooks . Edit the pre-receive or post-update hook. hackfail.htb

Gitea is the primary vector for gaining a foothold on this machine. Identifying the Vulnerability If /var/run/docker