https://z3r0s6.github.io/tags/mcpjam/Recent content in MCPJam on z3r0sHugoenSun, 05 Apr 2026 00:00:00 +0000https://z3r0s6.github.io/machines/kobold/Sun, 05 Apr 2026 00:00:00 +0000https://z3r0s6.github.io/machines/kobold/<table> <thead> <tr> <th>Field</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>Difficulty</td> <td>Easy</td> </tr> <tr> <td>OS</td> <td>Linux (Ubuntu)</td> </tr> <tr> <td>CVE</td> <td>CVE-2026-23744</td> </tr> <tr> <td>Tags</td> <td><code>docker</code> <code>gshadow</code> <code>lfi</code> <code>mcp</code> <code>mcpjam</code> <code>pastebin</code> <code>path-traversal</code> <code>rce</code></td> </tr> </tbody> </table> <hr> <h2 id="summary"> Summary <a class="heading-link" href="#summary"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h2> <p>Kobold is a Linux easy box featuring a multi-service web application behind nginx with HTTPS and wildcard virtual hosting. Initial access requires exploiting <strong>CVE-2026-23744</strong> - an unauthenticated RCE in MCPJam Inspector - by sending a crafted JSON payload to <code>/api/mcp/connect</code> to execute arbitrary commands. Privilege escalation abuses a discrepancy between <code>/etc/gshadow</code> and the running session, allowing the <code>sg</code> command to switch into the <code>docker</code> group and mount the host filesystem inside a container.</p>