Docker: Information disclosure

Background Docker is the world’s leading software containerization platform. Description It was found that Docker created network bridges which by default accept IPv6 router advertisements. Impact An attacker who gained access to a container with CAPNETRAW capability may be able to to spoof route...

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for vulnerability research and testing. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments, including Flask,...

Yeti - Your Everyday Threat Intelligence

Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables e.g. resolve domains, geolocate IPs so that you don't have to. Yeti provides an interface for humans shiny...

docker-cli docker-engine security update

docker-cli 19.03.11-5 - Bugfix for 'docker images name' not working on docker 19.03.11-ol - Address CVE-2020-16845 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable...

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

vulhub

It is an offensive tool for Docker environments. The tool is designed to create a vulnerable Docker environment for testing and training purposes. It provides a collection of pre-built vulnerable Docker environments, allowing users to execute two simple commands to create a vulnerable environment...

The vulnerability of the CAP_NET_RAW component in software for automated deployment and application management in Docker-enabled environments allows a attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the CAPNETRAW component in software for automated deployment and management of applications in Docker-enabled environments is related to the lack of a mechanism for checking input data. Exploiting this vulnerability can allow an attacker operating remotely to access...

Security Bulletin: Vulnerability identified in docker for Red Hat Enterprise Linux

Summary Vulnerability identified in docker package for Red Hat Enterprise Linux potentially impact IBM Cloud Pak System. Vulnerability Details CVEID: CVE-2020-14300 DESCRIPTION: Docker package for Red Hat Enterprise Linux could allow a remote attacker to execute arbitrary code on the system, caus...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is a Server-Side Template Injection SSTI vulnerability in a Flask application. The repository contains a Docker Compose file that sets up a vulnerable environment for testing and demonstration...

AWS Cryptojacking Worm Spreads Through the Cloud

A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services AWS cloud and collecting credentials. Once the logins are harvested, the malware logs in and deploys the XMRig mining tool to mine Monero cryptocurrency. According to researchers at Cado Security, the...

vulhub

It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable Docker environments, which can be used for training and testing web application security. The tool is designed to be easy to use, requiring only two simple commands to compi...

vulhub

This is an open-source collection of pre-built vulnerable docker environments, called Vulhub. It provides a simple way to create a vulnerable environment for testing and learning purposes. The project is maintained by phith0n and has a community of contributors and backers. The environments are...

GitLab: GitLab-Runner on Windows `DOCKER_AUTH_CONFIG` container host Command Injection

Summary GitLab-Runner, when running on Windows with a docker executor, is vulnerable to Command Injection via the DOCKERAUTHCONFIG build variable. Injected commands are executed on the container host, not within a Docker container, as such could compromise all future builds which are executed by...

DDoS attacks in Q2 2020

News overview Not just one but two new DDoS amplification methods were discovered last quarter. In mid-May, Israeli researchers reported a new DNS server vulnerability that lurks in the DNS delegation process. The vulnerability exploitation scheme was dubbed "NXNSAttack". The hacker sends to a...

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for testing and training purposes. The primary CVE ID is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose. The target product/service or...

FestIn - S3 Bucket Weakness Discovery

FestIn is a tool for discovering open S3 Buckets starting from a domains. It perform a lot of test and collects information from: DNS Web Pages Crawler S3 bucket itself like S3 redirections Why Festin There's a lot of S3 tools for enumeration and discover S3 bucket. Some of them are great but...

Gtunnel - A Robust Tunelling Solution Written In Golang

A TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all carried over a single TCP/HTTP2 connection. I wanted to learn a new language, so I picked go and gRPC. Client executables have been tested on windows and linux. Dependencies...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The repository contains a variety of vulnerable environments, including Flask SSTI, Apache Parsing Vulnerability, and more. The environments are designed to be easy to use, with simple installation and usage instructions...

Linux Container Enumeration

This module attempts to enumerate containers on the target machine and optionally run a command on each active container found. Currently it supports Docker, LXC and RKT. Module Options msf use post/linux/gather/enumcontainers msf postenumcontainers show actions ...actions... msf postenumcontaine...

CTF-Web-Challenges

This is a PHP challenge where the goal is to get a shell on the server. The challenge is hosted on a Docker container, and the PHP code is written in a way that makes it difficult to execute arbitrary code. The challenge involves using the session.uploadprogress feature in PHP, which allows us to...