CarolinaCon 15 | Professionally Evil Container Hackery

Event Information

Location

Renaissance Charlotte Suites Hotel

2800 Coliseum Centre Drive

Charlotte, NC 28217

Event description

Professionally Evil Container Hackery

Cory Sabol - Security Consultant at Secure Ideas, LLC


Description:

In this workshop we'll be learning how to do some container hacking! The course assumes that students are somewhat familiar with how to use Docker or other container tooling. We'll touch on several techniques that can be used when you encounter container tech on a penetration test. We'll also be using a tool written by the author called Harpoon to carry out some of the recon and attacks. In addition to Harpoon we'll also be using a customized version of SamuraiWTF; be on the lookout for a notification of when these labs are ready.


Tentative Course Schedule

  • Introduction

    • Container basics: terminology, basic Docker commands

  • Reconnaissance

    • Looking for the Docker socket

    • Surveying existing images

    • Viewing host processes from inside a container

  • Privilege escalation using containers and container services

    • Elevate low-priv user in Docker group to root

    • Mount the host filesystem to backdoor the host root

    • Exploration of CVE-2019-5736

  • Attacking Kubernetes

    • Pivoting to compromise cluster services

    • Access to port 10250


Setup/Requirements:

  • Personal laptop or a work laptop on which students have the ability to install third-party software
  • VirtualBox (if you need to use another hypervisor you'll need to convert the labs on your own.)
  • Vagrant
  • A built instance of the SamuraiWTF labs VM (once development is finished)