🐳 Can you hijack this Docker registry and extract its hidden secrets?

A Docker registry management platform implements the Registry API v2 with enterprise security features for container image storage and distribution. But when authentication mechanisms meet implementation flaws, even the most secure registries can leak their most sensitive layers and manifests. 🎯 Time to test your container registry exploitation skills!

1

Flags

1

Points

Challenge

Solution Available

Pro Exclusive

Start Lab Environment

~1-2 min setup

AWS dedicated

Private instance

Industry standard

Flag

+1 point

First Blood by Malekith at 2025-09-09 00:02:01.0

Registry Hijacker

Challenge 1 points

Writeup Guidelines

Share your solution approach, methodology, and insights. Your writeup will be reviewed before being published to the community. Earn +1 bonus point when your writeup is approved!

Requirements:

No flag content: Do not reveal actual flag values or passwords in your writeup
Include lab link: Your writeup must contain a direct link to this lab for reference
Educational focus: Explain your methodology, tools used, and learning insights

Writeup URL *

Link to your blog post, GitHub repository, or any platform where you've published your writeup
Remember to include this lab's URL in your writeup: https://hackerdna.com/labs/registry-hijacker

Language *

Help others find writeups in their preferred language

Confirmation Required

I confirm that my writeup includes a direct link to this lab

Your writeup must reference this lab's URL: https://hackerdna.com/labs/registry-hijacker

I confirm that my writeup does NOT contain flag content or critical information

Do not include actual flags, passwords, or other sensitive information that would spoil the challenge

Labs / Registry Hijacker

🐳 Can you hijack this Docker registry and extract its hidden secrets?

Start Lab Environment

First time? Watch this quick tutorial

Flag