DO - Apps

Support HackTricks and get benefits!

Basic Information

App Platform is a Platform-as-a-Service (PaaS) offering that allows developers to publish code directly to DigitalOcean servers without worrying about the underlying infrastructure.
You can run code directly from github, gitlab, docker hub, DO container registry (or a sample app).
When defining an env var you can set it as encrypted. The only way to retreive its value is executing commands inside the host runnig the app.
An App URL looks like this


doctl apps list # You should get URLs here
doctl apps spec get <app-id> # Get yaml (including env vars, might be encrypted)
doctl apps logs <app-id> # Get HTTP logs
doctl apps list-alerts <app-id> # Get alerts
doctl apps list-regions # Get available regions and the default one
Apps doesn't have metadata endpoint

RCE & Encrypted env vars

To execute code directly in the container executing the App you will need access to the console and go to<app-id>/console/<app-name>.
That will give you a shell, and just executing env you will be able to see all the env vars (including the ones defined as encrypted).
Support HackTricks and get benefits!