Exploit Notes

Docker Registry Pentesting

Last modified: 2023-01-28


Docker Registry is a steteless, highly scalable server side application that stores and lets you distribute Docker images. A default port is 5000.


# We can download the manifest given tag.

Extract Layers

If we download the manifest with the above, see the content and blobsums (sha256:abcd...) in fsLayers.

curl -so 1.tar https://example.com/blobs/sha256:abcd...
tar -xvf 1.tar

After extracting tar files, investigate files or directories to find the sensitive information.

Tools by HDKS


Automatic web fuzzer.


Auto reconnaissance CLI.

Hash Cracker

Hash identifier.