Awesome

'Reverse Engineering and Exploiting Builds in the Cloud' Conference Material Repository

This repository contains material and slides for the talk Reverse Engineering and Exploiting Builds in the Cloud:

• cheatsheet.md contains multiple commands, Dockerfiles, YML configs that can assist you in your build environment reversing.
• slides.pdf are the presentation slides.
• Recording

References

This research would not be possible without the contribution and effort from others in the field. Here are a list of resources that have helped us.

• https://docs.docker.com/engine/security/https/
• https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#cp
• https://docs.docker.com/engine/reference/commandline/exec/
• https://github.com/GoogleContainerTools/container-structure-test
• https://github.com/coreos/clair
• https://github.com/aquasecurity/docker-bench
• https://www.cisecurity.org/benchmark/docker/
• https://github.com/Frichetten/CVE-2019-5736-PoC
• https://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/
• https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/
• https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-classic-platform.html
• https://github.com/wagoodman/dive
• https://github.com/cji/talks/blob/master/BruCON2018/Outside%20The%20Box%20-%20BruCON%202018.pdf
• https://github.com/singe/container-breakouts
• https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
• https://zwischenzugs.com/2015/06/24/the-most-pointless-docker-command-ever/
• https://github.com/moby/moby/pull/9437
• https://circleci.com/blog/triggering-trusted-ci-jobs-on-untrusted-forks/
• https://discuss.circleci.com/t/june-2019-machine-security-incident/31101/2
• https://unit42.paloaltonetworks.com/docker-patched-the-most-severe-copy-vulnerability-to-date-with-cve-2019-14271/