Points: 100points + bonus 50
- When we look on this website, it is clear that there is nothing to exploit.
- So, check its ports.
- It shows that there is something running in on port 5000.
- Check for the applications uses 5000 as default port. We can identify that docker registry serves behind the 5000 port.
- Then try to login to the registry using username agency and password password123.
- Now search for images in registry
- Finally, we got there is an image named agency, just pull it and make a container, then search for flag.
- While checking the previous commands using history, we can get the FLAG