Peel back the layers
An unknown maintainer managed to push an update to one of our public docker images. Our SOC team reported suspicious traffic coming from some of our steam factories ever since. The update got retracted making us unable to investigate further. We are concerned that this might refer to a supply-chain attack. Could you investigate? Docker Image: steammaintainer/gearrepairimage Category: forensics Solver: 3mb0 Flag: HTB{1_r34lly_l1k3_st34mpunk_r0b0ts!!!} Writeup Firstly, we download the provided docker image with docker pull steammaintainer/gearrepairimage and inspect the layers of it on DockerHub [1]:...