SlideShare a Scribd company logo

Down by the Docker

NotSoSecure Global Services
NotSoSecure Global Services

Docker is the new kool kid in town. This presentation covers some of the common goof-ups and what should be kept in mind when dealing with docker configurations. Download the Vulnerable Docker VM : https://www.notsosecure.com/vulnerable-docker-vm/

1 of 14
Download to read offline
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Down by the Docker
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Anant Shrivastava (@anantshri) ● Regional Director - NotSoSecure Global Services Limited ● 9 yrs of corporate experience ● Expertise in Network, Mobile, Application and Linux Security ● Speaker / Trainer : BlackHat, Nullcon, RootConf, c0c0n ● Co-author for OWASP Testing guide version 4 ● Project Lead : Code Vigilant, Android Tamer About Presenter
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker Overview
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Why Docker • Allows to get rid of “It works on my System” syndrome • Easy & Quick to setup environments and test beds • Loved by start-up's and for PoC Development teams • Loved by Google and likes for scalability and deployment ease • Secure: as secure as you configure it.
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. How does it differs for pentesters • From outside it will all be the same • /proc/1/cgroup will show docker references • pid 1 != init / launchd
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. How does it differs for pentesters • Bash / Python / Perl isn’t usually available • Containers are disposable hence no Persistence ensured • Containers can have different resources shared • Container crash === new spawn anywhere • Docker Internal Network (172.17.0.0/16) – https://docs.docker.com/engine/userguide/networking/ • Video: https://youtu.be/V42OQd7p-7Y
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker goof up: Running container process as root • By default host UID == container UID • Root in container == root on base box. • If a file system or part of it is shared, you have direct path to write privileges files and get root • docker run -itv /:/host alpine /bin/sh DEMO
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker goof up: Exposing docker sock / tcp • Docker socket == access to docker daemon • Docker could listen on port 2375 (noauth) 2376 (tls) • Generally: Dashboard or reporting application containers • Misconfiguration, (un)intended exposure = compromise • Video: https://youtu.be/6q7TBbUylbw DEMO
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker goof up: Unpatched host / guest • Docker shares kernel with the host • Kernel bugs will result in host compromise • Unpatched guest will result in guest compromise • Video: https://youtu.be/y7XoIOhWStc DEMO
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Security is by secure configuration • Docker security relies on secure configuration at all levels – Scrutinize “docker” group – Docker Socket : only available to root and docker group users – Docker daemon: only available to root and docker group users – Docker containers: run processes via limited users – Docker host + Guest: Keep then up-to-date • Scan Docker configuration files
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker configuration Review • Docker Security Scanning via DockerHub • Clair : https://github.com/coreos/clair • Atomic Scan: https://developers.redhat.com/blog/2016/05/02/introducing-atomic- scan-container-vulnerability-detection/ • https://anchore.com/ • Dockerscan : https://github.com/cr0hn/dockerscan • Dockscan: https://github.com/kost/dockscan • Nessus: https://www.tenable.com/blog/auditing-docker-with-nessus-66
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker VM • We have created a vulnerable docker VM that suffers from many of the vulnerabilities discussed throughout this session. This is available to download from the following URL: https://www.notsosecure.com/vulnerable-docker-vm/
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Questions?
© Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. END PRESENTATION

Recommended

IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesters
NotSoSecure Global Services
 
Custom Rules & Broken Tools
Custom Rules & Broken ToolsCustom Rules & Broken Tools
Custom Rules & Broken Tools
NotSoSecure Global Services
 
Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basics
Anant Shrivastava
 
Open Source Software - Please Drink Responsibly
Open Source Software - Please Drink ResponsiblyOpen Source Software - Please Drink Responsibly
Open Source Software - Please Drink Responsibly
Daniel Sauble
 
Kali Linux - Falconer
Kali Linux - FalconerKali Linux - Falconer
Kali Linux - Falconer
Tony Godfrey
 
OpenShift & SELinux with Dan Walsh @rhatdan
OpenShift & SELinux with Dan Walsh @rhatdanOpenShift & SELinux with Dan Walsh @rhatdan
OpenShift & SELinux with Dan Walsh @rhatdan
OpenShift Origin
 
Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to GoWeb Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to Go
Gene Gotimer
 
Csw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnologyCsw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnology
CanSecWest
 

Recommended

IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesters
NotSoSecure Global Services
 
Custom Rules & Broken Tools
Custom Rules & Broken ToolsCustom Rules & Broken Tools
Custom Rules & Broken Tools
NotSoSecure Global Services
 
Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basics
Anant Shrivastava
 
Open Source Software - Please Drink Responsibly
Open Source Software - Please Drink ResponsiblyOpen Source Software - Please Drink Responsibly
Open Source Software - Please Drink Responsibly
Daniel Sauble
 
Kali Linux - Falconer
Kali Linux - FalconerKali Linux - Falconer
Kali Linux - Falconer
Tony Godfrey
 
OpenShift & SELinux with Dan Walsh @rhatdan
OpenShift & SELinux with Dan Walsh @rhatdanOpenShift & SELinux with Dan Walsh @rhatdan
OpenShift & SELinux with Dan Walsh @rhatdan
OpenShift Origin
 
Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to GoWeb Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to Go
Gene Gotimer
 
Csw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnologyCsw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnology
CanSecWest
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control System
Anant Shrivastava
 
2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux
Jason Murray
 
ROP ‘n’ ROLL, a peak into modern exploits
ROP ‘n’ ROLL, a peak into modern exploitsROP ‘n’ ROLL, a peak into modern exploits
ROP ‘n’ ROLL, a peak into modern exploits
Alexandre Moneger
 
Hug #9 who's keeping your secrets
Hug #9 who's keeping your secretsHug #9 who's keeping your secrets
Hug #9 who's keeping your secrets
Cameron More
 
proxy2: HTTPS pins and needles
proxy2: HTTPS pins and needlesproxy2: HTTPS pins and needles
proxy2: HTTPS pins and needles
inaz2
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Anant Shrivastava
 
Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014
TGodfrey
 
Tools kali
Tools kaliTools kali
Tools kali
ketban0702
 
XFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingXFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnelling
Shakacon
 
Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...
Shakacon
 
Kali presentation
Kali presentationKali presentation
Kali presentation
Zain Ul abadin
 
2600 av evasion_deuce
2600 av evasion_deuce2600 av evasion_deuce
2600 av evasion_deuceDb Cooper
 
Kali Linux
Kali LinuxKali Linux
Kali Linux
Chanchal Dabriya
 
Security of Linux containers in the cloud
Security of Linux containers in the cloudSecurity of Linux containers in the cloud
Security of Linux containers in the cloud
Dobrica Pavlinušić
 
Enjoying k8s cluster with Minikube and Helm
Enjoying k8s cluster with Minikube and HelmEnjoying k8s cluster with Minikube and Helm
Enjoying k8s cluster with Minikube and Helm
ロフト くん
 
Open Canary - novahackers
Open Canary - novahackersOpen Canary - novahackers
Open Canary - novahackers
Chris Gates
 
Apache HttpD Web Server - Hardening and other Security Considerations
Apache HttpD Web Server - Hardening and other Security ConsiderationsApache HttpD Web Server - Hardening and other Security Considerations
Apache HttpD Web Server - Hardening and other Security Considerations
Andrew Carr
 
Stop disabling SELinux!
Stop disabling SELinux!Stop disabling SELinux!
Stop disabling SELinux!
Maciej Lasyk
 
penetration test using Kali linux ppt
penetration test using Kali linux pptpenetration test using Kali linux ppt
penetration test using Kali linux ppt
AbhayNaik8
 
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
NGINX, Inc.
 
Docker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOpsDocker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOps
Zohar Elkayam
 
Being a Moby maintainer
Being a Moby maintainerBeing a Moby maintainer
Being a Moby maintainer
Akihiro Suda
 

More Related Content

What's hot

Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control System
Anant Shrivastava
 
2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux
Jason Murray
 
ROP ‘n’ ROLL, a peak into modern exploits
ROP ‘n’ ROLL, a peak into modern exploitsROP ‘n’ ROLL, a peak into modern exploits
ROP ‘n’ ROLL, a peak into modern exploits
Alexandre Moneger
 
Hug #9 who's keeping your secrets
Hug #9 who's keeping your secretsHug #9 who's keeping your secrets
Hug #9 who's keeping your secrets
Cameron More
 
proxy2: HTTPS pins and needles
proxy2: HTTPS pins and needlesproxy2: HTTPS pins and needles
proxy2: HTTPS pins and needles
inaz2
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Anant Shrivastava
 
Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014
TGodfrey
 
Tools kali
Tools kaliTools kali
Tools kali
ketban0702
 
XFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingXFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnelling
Shakacon
 
Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...
Shakacon
 
Kali presentation
Kali presentationKali presentation
Kali presentation
Zain Ul abadin
 
2600 av evasion_deuce
2600 av evasion_deuce2600 av evasion_deuce
2600 av evasion_deuceDb Cooper
 
Kali Linux
Kali LinuxKali Linux
Kali Linux
Chanchal Dabriya
 
Security of Linux containers in the cloud
Security of Linux containers in the cloudSecurity of Linux containers in the cloud
Security of Linux containers in the cloud
Dobrica Pavlinušić
 
Enjoying k8s cluster with Minikube and Helm
Enjoying k8s cluster with Minikube and HelmEnjoying k8s cluster with Minikube and Helm
Enjoying k8s cluster with Minikube and Helm
ロフト くん
 
Open Canary - novahackers
Open Canary - novahackersOpen Canary - novahackers
Open Canary - novahackers
Chris Gates
 
Apache HttpD Web Server - Hardening and other Security Considerations
Apache HttpD Web Server - Hardening and other Security ConsiderationsApache HttpD Web Server - Hardening and other Security Considerations
Apache HttpD Web Server - Hardening and other Security Considerations
Andrew Carr
 
Stop disabling SELinux!
Stop disabling SELinux!Stop disabling SELinux!
Stop disabling SELinux!
Maciej Lasyk
 
penetration test using Kali linux ppt
penetration test using Kali linux pptpenetration test using Kali linux ppt
penetration test using Kali linux ppt
AbhayNaik8
 
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
NGINX, Inc.
 

What's hot (20)

Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control System
 
2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux
 
ROP ‘n’ ROLL, a peak into modern exploits
ROP ‘n’ ROLL, a peak into modern exploitsROP ‘n’ ROLL, a peak into modern exploits
ROP ‘n’ ROLL, a peak into modern exploits
 
Hug #9 who's keeping your secrets
Hug #9 who's keeping your secretsHug #9 who's keeping your secrets
Hug #9 who's keeping your secrets
 
proxy2: HTTPS pins and needles
proxy2: HTTPS pins and needlesproxy2: HTTPS pins and needles
proxy2: HTTPS pins and needles
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
 
Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014
 
Tools kali
Tools kaliTools kali
Tools kali
 
XFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingXFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnelling
 
Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...
 
Kali presentation
Kali presentationKali presentation
Kali presentation
 
2600 av evasion_deuce
2600 av evasion_deuce2600 av evasion_deuce
2600 av evasion_deuce
 
Kali Linux
Kali LinuxKali Linux
Kali Linux
 
Security of Linux containers in the cloud
Security of Linux containers in the cloudSecurity of Linux containers in the cloud
Security of Linux containers in the cloud
 
Enjoying k8s cluster with Minikube and Helm
Enjoying k8s cluster with Minikube and HelmEnjoying k8s cluster with Minikube and Helm
Enjoying k8s cluster with Minikube and Helm
 
Open Canary - novahackers
Open Canary - novahackersOpen Canary - novahackers
Open Canary - novahackers
 
Apache HttpD Web Server - Hardening and other Security Considerations
Apache HttpD Web Server - Hardening and other Security ConsiderationsApache HttpD Web Server - Hardening and other Security Considerations
Apache HttpD Web Server - Hardening and other Security Considerations
 
Stop disabling SELinux!
Stop disabling SELinux!Stop disabling SELinux!
Stop disabling SELinux!
 
penetration test using Kali linux ppt
penetration test using Kali linux pptpenetration test using Kali linux ppt
penetration test using Kali linux ppt
 
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
ModSecurity and NGINX: Tuning the OWASP Core Rule Set (Updated)
 

Similar to Down by the Docker

Docker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOpsDocker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOps
Zohar Elkayam
 
Being a Moby maintainer
Being a Moby maintainerBeing a Moby maintainer
Being a Moby maintainer
Akihiro Suda
 
Introducing resinOS: An Operating System Tailored for Containers and Built fo...
Introducing resinOS: An Operating System Tailored for Containers and Built fo...Introducing resinOS: An Operating System Tailored for Containers and Built fo...
Introducing resinOS: An Operating System Tailored for Containers and Built fo...
Balena
 
Use Docker to Enhance Your Testing
Use Docker to Enhance Your TestingUse Docker to Enhance Your Testing
Use Docker to Enhance Your Testing
TechWell
 
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
Derek Ashmore
 
Core os dna_oscon
Core os dna_osconCore os dna_oscon
Core os dna_oscon
Patrick Galbraith
 
Oracle Database on Docker - Best Practices
Oracle Database on Docker - Best PracticesOracle Database on Docker - Best Practices
Oracle Database on Docker - Best Practices
gvenzl
 
Detailed Introduction To Docker
Detailed Introduction To DockerDetailed Introduction To Docker
Detailed Introduction To Docker
nklmish
 
Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps
Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps
Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps
ZNetLive
 
Leveraging Docker for Hadoop build automation and Big Data stack provisioning
Leveraging Docker for Hadoop build automation and Big Data stack provisioningLeveraging Docker for Hadoop build automation and Big Data stack provisioning
Leveraging Docker for Hadoop build automation and Big Data stack provisioning
DataWorks Summit
 
Leveraging docker for hadoop build automation and big data stack provisioning
Leveraging docker for hadoop build automation and big data stack provisioningLeveraging docker for hadoop build automation and big data stack provisioning
Leveraging docker for hadoop build automation and big data stack provisioning
Evans Ye
 
Dockerizing Oracle Database
Dockerizing Oracle Database Dockerizing Oracle Database
Dockerizing Oracle Database
gvenzl
 
Hacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on LinuxHacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on Linux
Netwalker lab kapper
 
Parallelizing CI using Docker Swarm-Mode
Parallelizing CI using Docker Swarm-ModeParallelizing CI using Docker Swarm-Mode
Parallelizing CI using Docker Swarm-Mode
Akihiro Suda
 
Webinar: End-to-End CI/CD with GitLab and DC/OS
Webinar: End-to-End CI/CD with GitLab and DC/OSWebinar: End-to-End CI/CD with GitLab and DC/OS
Webinar: End-to-End CI/CD with GitLab and DC/OS
Mesosphere Inc.
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker
建澄 吳
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker
Chien Cheng Wu
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote World
DevOps.com
 
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdfOpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
ssuser9e06a61
 
Operating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptx
Operating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptxOperating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptx
Operating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptx
Neo4j
 

Similar to Down by the Docker (20)

Docker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOpsDocker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOps
 
Being a Moby maintainer
Being a Moby maintainerBeing a Moby maintainer
Being a Moby maintainer
 
Introducing resinOS: An Operating System Tailored for Containers and Built fo...
Introducing resinOS: An Operating System Tailored for Containers and Built fo...Introducing resinOS: An Operating System Tailored for Containers and Built fo...
Introducing resinOS: An Operating System Tailored for Containers and Built fo...
 
Use Docker to Enhance Your Testing
Use Docker to Enhance Your TestingUse Docker to Enhance Your Testing
Use Docker to Enhance Your Testing
 
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
 
Core os dna_oscon
Core os dna_osconCore os dna_oscon
Core os dna_oscon
 
Oracle Database on Docker - Best Practices
Oracle Database on Docker - Best PracticesOracle Database on Docker - Best Practices
Oracle Database on Docker - Best Practices
 
Detailed Introduction To Docker
Detailed Introduction To DockerDetailed Introduction To Docker
Detailed Introduction To Docker
 
Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps
Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps
Webinar by ZNetLive & Plesk- Winning the Game for WebOps and DevOps
 
Leveraging Docker for Hadoop build automation and Big Data stack provisioning
Leveraging Docker for Hadoop build automation and Big Data stack provisioningLeveraging Docker for Hadoop build automation and Big Data stack provisioning
Leveraging Docker for Hadoop build automation and Big Data stack provisioning
 
Leveraging docker for hadoop build automation and big data stack provisioning
Leveraging docker for hadoop build automation and big data stack provisioningLeveraging docker for hadoop build automation and big data stack provisioning
Leveraging docker for hadoop build automation and big data stack provisioning
 
Dockerizing Oracle Database
Dockerizing Oracle Database Dockerizing Oracle Database
Dockerizing Oracle Database
 
Hacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on LinuxHacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on Linux
 
Parallelizing CI using Docker Swarm-Mode
Parallelizing CI using Docker Swarm-ModeParallelizing CI using Docker Swarm-Mode
Parallelizing CI using Docker Swarm-Mode
 
Webinar: End-to-End CI/CD with GitLab and DC/OS
Webinar: End-to-End CI/CD with GitLab and DC/OSWebinar: End-to-End CI/CD with GitLab and DC/OS
Webinar: End-to-End CI/CD with GitLab and DC/OS
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote World
 
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdfOpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
 
Operating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptx
Operating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptxOperating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptx
Operating Neo4j Fabric in Multi-Zone Kubernetes Cluster.pptx
 

Recently uploaded

Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 

Recently uploaded (20)

Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 

Down by the Docker

  • 1. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Down by the Docker
  • 2. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Anant Shrivastava (@anantshri) ● Regional Director - NotSoSecure Global Services Limited ● 9 yrs of corporate experience ● Expertise in Network, Mobile, Application and Linux Security ● Speaker / Trainer : BlackHat, Nullcon, RootConf, c0c0n ● Co-author for OWASP Testing guide version 4 ● Project Lead : Code Vigilant, Android Tamer About Presenter
  • 3. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker Overview
  • 4. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Why Docker • Allows to get rid of “It works on my System” syndrome • Easy & Quick to setup environments and test beds • Loved by start-up's and for PoC Development teams • Loved by Google and likes for scalability and deployment ease • Secure: as secure as you configure it.
  • 5. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. How does it differs for pentesters • From outside it will all be the same • /proc/1/cgroup will show docker references • pid 1 != init / launchd
  • 6. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. How does it differs for pentesters • Bash / Python / Perl isn’t usually available • Containers are disposable hence no Persistence ensured • Containers can have different resources shared • Container crash === new spawn anywhere • Docker Internal Network (172.17.0.0/16) – https://docs.docker.com/engine/userguide/networking/ • Video: https://youtu.be/V42OQd7p-7Y
  • 7. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker goof up: Running container process as root • By default host UID == container UID • Root in container == root on base box. • If a file system or part of it is shared, you have direct path to write privileges files and get root • docker run -itv /:/host alpine /bin/sh DEMO
  • 8. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker goof up: Exposing docker sock / tcp • Docker socket == access to docker daemon • Docker could listen on port 2375 (noauth) 2376 (tls) • Generally: Dashboard or reporting application containers • Misconfiguration, (un)intended exposure = compromise • Video: https://youtu.be/6q7TBbUylbw DEMO
  • 9. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker goof up: Unpatched host / guest • Docker shares kernel with the host • Kernel bugs will result in host compromise • Unpatched guest will result in guest compromise • Video: https://youtu.be/y7XoIOhWStc DEMO
  • 10. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Security is by secure configuration • Docker security relies on secure configuration at all levels – Scrutinize “docker” group – Docker Socket : only available to root and docker group users – Docker daemon: only available to root and docker group users – Docker containers: run processes via limited users – Docker host + Guest: Keep then up-to-date • Scan Docker configuration files
  • 11. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker configuration Review • Docker Security Scanning via DockerHub • Clair : https://github.com/coreos/clair • Atomic Scan: https://developers.redhat.com/blog/2016/05/02/introducing-atomic- scan-container-vulnerability-detection/ • https://anchore.com/ • Dockerscan : https://github.com/cr0hn/dockerscan • Dockscan: https://github.com/kost/dockscan • Nessus: https://www.tenable.com/blog/auditing-docker-with-nessus-66
  • 12. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Docker VM • We have created a vulnerable docker VM that suffers from many of the vulnerabilities discussed throughout this session. This is available to download from the following URL: https://www.notsosecure.com/vulnerable-docker-vm/
  • 13. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. Questions?
  • 14. © Copyright 2017 NotSoSecure Global Services Limited, all rights reserved. END PRESENTATION