So, has anybody managed to complete this? I know how to exploit this application, and I’ve successfully managed to exploit it locally, but exploiting it on the remote service is my main problem. Without giving too much away, let’s just say that a piece of information that I need in order to successfully exploit the service is displayed locally just fine, but no such info is returned when trying it against the remote service. I don’t know if this is a problem with Docker, or if I need to do something different for the remote instance rather than the same thing for the local instance.
I’ll give more details to whoever already completed it via PM, since I’m unsure how much I can say before a rule is broken.