通过容器中泄露的密钥解密密文
docker run -d webgoat/assignments:findthesecret
755a6d9d7f8e1a44c2cf243313ca999f2f0295e428289809f63cebd927c05a93
docker exec -it 755a6d9d7f8e /bin/bash
webgoat@755a6d9d7f8e:/$ cd /root
bash: cd: /root: Permission denied
docker exec -u root -it 755a6d9d7f8e /bin/bash
root@755a6d9d7f8e:/# cd /root
root@755a6d9d7f8e:~# ls
default_secret
root@755a6d9d7f8e:~# cat default_secret
ThisIsMySecretPassw0rdF0rY0u
root@755a6d9d7f8e:~# echo "U2FsdGVkX199jgh5oANElFdtCxIEvdEvciLi+v+5loE+VCuy6Ii0b+5byb5DXp32RPmT02Ek1pf55ctQN+DHbwCPiVRfFQamDmbHBUpD7as=" | openssl enc -aes-256-cbc -d -a -kfile default_secret
Leaving passwords in docker images is not so secure