Exploiting Cluster Secrets
In this scenario we will see how we will exploit an application to access docker swarm cluster secrets.
- The application running in the CTF VM has code execution vulnerability
http://CTFVMIP:8080/?domain=;id
and is running in docker swarm with secrets attached