Attack Chain Summary
Recon → mcp.kobold.htb (MCPJam v1.4.2) + port 3552 (Arcane v1.13.0)
↓
CVE-2026-23744 — Unauthenticated RCE on MCPJam /api/mcp/connect
↓
Shell as ben → User flag
↓
newgrp docker → mount host / into PrivateBin container
↓
Root flag| Field | Details |
|---|---|
| Machine Name | Kobold |
| OS | Linux |
| Difficulty | Medium |
| IP | 10.129.8.227 |
1. Reconnaissance
Port Scan
Full port scan using RustScan followed by detailed Nmap service scan revealed four open ports:
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http (nginx 1.24.0)
443/tcp open https (nginx 1.24.0)
3552/tcp open http (Golang net/http server)Key observations from Nmap:
- Ports 80 and 443 redirect to
https://kobold.htb - SSL certificate covers
kobold.htband*.kobold.htb(wildcard), indicating subdomains - Port 3552 runs a Go HTTP server serving an SPA-style web application
/etc/hosts
Added the target to /etc/hosts:
echo "10.129.8.227 kobold.htb" | sudo tee -a /etc/hostsWeb Enumeration
https://kobold.htb served a static "Coming Soon" landing page for the Kobold Operations Suite — described as a centralized platform for managing internal services, automated workflows, AI-powered agents, and containerized applications.
Subdomain Enumeration
Used ffuf with a wildcard cert indicator to enumerate subdomains:
ffuf -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt \
-u https://kobold.htb -H "Host: FUZZ.kobold.htb"Discovered: mcp.kobold.htb (Status 200, Size 466)
Added to /etc/hosts and visited — running MCPJam v1.4.2, an MCP (Model Context Protocol) server management interface with Sign in / Create account functionality, Tools, Resources, Prompts, and Tasks sections.
Port 3552 — Arcane
Browsing to http://10.129.8.227:3552/login revealed Arcane v1.13.0 — a container management platform ("Sign in to manage your containers").