A Compendium of Container Escapes

Video: https://www.youtube.com/watch?v=9pMXUImdb1E
Duration: 43:10

Brandon Edwards | Chief Scientist, Capsule8
Nick Freeman | Research Scientist, Capsule8
Location: South Seas ABE
Date: Thursday, August 8 | 3:50pm-4:40pm
Format: 50-Minute Briefings
Tracks: Platform Security, Exploit Development

Containers are a hot topic because of the simplicity they bring to the process of software development, shipping, and deployment. They are insanely useful for eliminating environmental constraints such as library version conflicts, and for the overall organization and hygiene of software. Containers also provide some security properties, including version management, an expression of intent, and often reduced attack surface. However, it is important to understand that although the organizational isolation of containers is what enables these security properties, isolation itself is not a security property of containers.

As such, it becomes important to understand the security properties of containers, how they have been escaped in the past, and how they are likely to be escaped in the future. This year kicked off with a container escape vulnerability in runc, used by various container engines, which seemed to come as a shock for many users of containers.

The goal of this talk is to broaden awareness of how and why container escapes work, starting from a brief intro to what makes a process a container, and then spanning the gamut of escape techniques: exposed orchestrators, access to the Docker socket, exposed mount points, /proc, all the way down to overwriting or exploiting kernel structures to leave the confines of the container.

Black Hat - USA - 2019 Hacking conference