The SecOps Cheat Guide

SecurityLabs challenge: Week 4 (Public ECR)

This one was fairly easy. The first confirmed clear was ~5 minutes after the post went live...

"Our security team found a public repository called challenge-4 in public registry called SecurityLabs."

  1. Public ECR repos can be searched outside of AWS (read: non-credentialed or Authorized. But it is Public so that should be assumed.) Point a browser to https://gallery.ecr.aws/

  2. Search for the image name to retrieve the full image. Ours full image was public.ecr.aws/securitylabs/challenge-4

  3. On your machine, issue docker pull public.ecr.aws/securitylabs/challenge-4

  4. Now run it docker run -it public.ecr.aws/securitylabs/challenge-4

  5. A quick look in the /root folder shows a .aws directory containing credentials, and a Go app called app.go. This app shows the bucket name, key, and region for our flag. Using this info and the credentials provided, you can download the flag