Reorganizing docker section and adding docker security checklist

This commit is contained in:
Victor Ramos Mello 2021-04-05 13:54:21 +02:00 committed by GitHub
parent 8697afad45
commit 226c37d51a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -21,7 +21,6 @@ A curated list of awesome privilege escalation
* [Presentations](#presentations-1) * [Presentations](#presentations-1)
* [Linux and Windows](#linux-and-windows) * [Linux and Windows](#linux-and-windows)
* [Docker](#docker) * [Docker](#docker)
* [Docker escape](#docker-escape)
* [Tools](#tools-2) * [Tools](#tools-2)
* [Cloud](#cloud) * [Cloud](#cloud)
* [AWS](#aws) * [AWS](#aws)
@ -210,15 +209,14 @@ is intended to be executed locally on a Linux box to enumerate basic system info
## Docker ## Docker
- [Container security notes](https://gist.github.com/FrankSpierings/5c79523ba693aaa38bc963083f48456c) - [Container security notes](https://gist.github.com/FrankSpierings/5c79523ba693aaa38bc963083f48456c)
- [Escaping Docker container using waitid() CVE-2017-5123](https://www.twistlock.com/labs-blog/escaping-docker-container-using-waitid-cve-2017-5123/)
- [Escaping the Whale: Things you probably shouldnt do with Docker (Part 1)](https://blog.secureideas.com/2018/05/escaping-the-whale-things-you-probably-shouldnt-do-with-docker-part-1.html)
- [Hacking Docker the Easy way](https://pt.slideshare.net/BorgHan/hacking-docker-the-easy-way)
### Docker escape
- [Dirty COW - (CVE-2016-5195) - Docker Container Escape](https://blog.paranoidsoftware.com/dirty-cow-cve-2016-5195-docker-container-escape/) - [Dirty COW - (CVE-2016-5195) - Docker Container Escape](https://blog.paranoidsoftware.com/dirty-cow-cve-2016-5195-docker-container-escape/)
- [Docker security checklist](https://github.com/PercussiveElbow/docker-security-checklist)
- [Don't expose the Docker socket (not even to a container)](https://web.archive.org/web/20190623234615/https://www.lvh.io/posts/dont-expose-the-docker-socket-not-even-to-a-container.html) - [Don't expose the Docker socket (not even to a container)](https://web.archive.org/web/20190623234615/https://www.lvh.io/posts/dont-expose-the-docker-socket-not-even-to-a-container.html)
- [Escaping Containers to Execute Commands on Play with Docker Servers](https://www.bleepingcomputer.com/news/security/escaping-containers-to-execute-commands-on-play-with-docker-servers/) - [Escaping Containers to Execute Commands on Play with Docker Servers](https://www.bleepingcomputer.com/news/security/escaping-containers-to-execute-commands-on-play-with-docker-servers/)
- [Escaping Docker container using waitid() CVE-2017-5123](https://www.twistlock.com/labs-blog/escaping-docker-container-using-waitid-cve-2017-5123/)
- [Escaping the Whale: Things you probably shouldnt do with Docker (Part 1)](https://blog.secureideas.com/2018/05/escaping-the-whale-things-you-probably-shouldnt-do-with-docker-part-1.html)
- [Hack Allows Escape of Play-with-Docker Containers](https://threatpost.com/hack-allows-escape-of-play-with-docker-containers/140831/) - [Hack Allows Escape of Play-with-Docker Containers](https://threatpost.com/hack-allows-escape-of-play-with-docker-containers/140831/)
- [Hacking Docker the Easy way](https://pt.slideshare.net/BorgHan/hacking-docker-the-easy-way)
### Tools ### Tools
- [Deepce](https://github.com/stealthcopter/deepce): Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE) - [Deepce](https://github.com/stealthcopter/deepce): Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)