Professionally Evil Container Hackery

Cory Sabol - Security Consultant at Secure Ideas, LLC

Description:

In this workshop we'll be learning how to do some container hacking! The course assumes that students are somewhat familiar with how to use Docker or other container tooling. We'll touch on several techniques that can be used when you encounter container tech on a penetration test. We'll also be using a tool written by the author called Harpoon to carry out some of the recon and attacks. In addition to Harpoon we'll also be using a customized version of SamuraiWTF; be on the lookout for a notification of when these labs are ready.

Tentative Course Schedule

• Introduction

• Container basics; terminology, basic docker commands

• Reconnaissance

• Looking for docker socket

• Surveying existing images

• Viewing host processes from inside a container

• Priviledge escalation using conatiners and container services

• Elevate low-priv user in Docker group to root

• Mount the host filesystem to backdoor the host root

• Exploration of CVE-2019-5736

• Attacking Kubernetes

• Pivoting to compromise cluster services

• Access to port 10250

Setup/Requirements: