Level 3

Lesson learned

There are lots of other resources on AWS that can be public, but they are harder to brute-force for because you have to include not only the name of the resource, but also the the Account ID and region. They also can't be searched with DNS records. However, it is still best to avoid having public resources.

You also learned a little about Docker.

Level 3 challenge

The container's webserver you got access to includes a simple proxy that can be access with: http://container.target.flaws2.cloud/proxy/http://flaws.cloud or http://container.target.flaws2.cloud/proxy/http://neverssl.com

Need a hint?