[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [FD] A Tale of Escaping a Hardened Docker container
From: Red Timmy Security <publications () redtimmy ! com>
Date: 2020-08-23 14:20:40
Message-ID: 1aa3ec7947e9f868cab9d84851f7d467 () redtimmy ! com
[Download RAW message or body]
Hello,
in a recent security assessment we have managed to escape out of a
docker container by circumventing an ad-hoc reverse proxy that was
supposed to prevent abuse of "docker.sock" file exposure.
Full story here:
https://www.redtimmy.com/docker/a-tale-of-escaping-a-hardened-docker-container/
regards
Redtimmy Security
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic