dockerscan: Docker security analysis & hacking tools – Penetration Testing

dockerscan

dockerscan: Docker analysis & hacking tools

Project site: http://ift.tt/2tmlZ7F

Issues: http://ift.tt/2gPQr8C

Author: Daniel Garcia (cr0hn) / Roberto Munoz (robskye)

Documentation: http://ift.tt/2tmeVbd

Last version: 1.0.0-Alpha-02

Python versions: 3.5 or above

What’s dockerscan

Docker analysis tools

Very quick install

> python3.5 -m pip install -U pip
> python3.5 -m pip install dockerscan

Show options:

xx

Available actions

Currently, Docker Scan supports these actions:

Scan: Scan a network trying to locate Docker Registries

Registry

Delete: Delete remote image / tag

Info: Show info from remote registry

Push: Push an image (like Docker client)

Upload: Upload a random file

Image

Analyze: Look for sensitive information in a Docker image:

Look for passwords in environment vars.

Try to find any URL / IP in the environment vars.

Try to deduce the user used internally to run the software. This is not trivial: if the entry point is a .sh file, read the file and try to find calls to sudo-like commands ("sudo", "gosu", "sh -u", ...) and report the user found.

Extract: extract a docker image

Info: Get image meta information

Modify:

entrypoint: change the entrypoint in a Docker image

trojanize: inject a reverse shell into a Docker image

user: change running user in a docker image
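As an added example (not dockerscan's own code), the script below shows the kind of checks the Analyze action describes, run over a constructed image config and entrypoint script: it flags environment variables whose names look like credentials or whose values embed a URL or IP, and deduces the runtime user from the USER directive or from a gosu/sudo/su call in the entrypoint. The config shape, the sample values and the regexes are assumptions for illustration.

```python
import re

# Constructed sample of the "config" section of an image config JSON
# (the shape `docker inspect <image>` prints); not taken from a real image.
SAMPLE_CONFIG = {
    "User": "",
    "Env": [
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/bin",
        "DB_PASSWORD=hunter2",
        "API_URL=https://api.internal.example:8443/v1",
        "REDIS_HOST=10.0.0.12",
        "APP_ENV=production",
    ],
    "Entrypoint": ["/docker-entrypoint.sh"],
}

# Constructed entrypoint script body, as Analyze would read it out of the image.
SAMPLE_ENTRYPOINT = """#!/bin/sh
set -e
chown -R app:app /data
exec gosu app "$@"
"""

SECRET_KEY_RE = re.compile(r"(pass(word|wd)?|secret|token|api[_-]?key|credential)", re.I)
URL_RE = re.compile(r"[a-z][a-z0-9+.-]*://[^\s'\"]+", re.I)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# User-switching helpers: "gosu <user>", "sudo -u <user>", "su [-|-l] <user>".
USER_SWITCH_RE = re.compile(r"\b(?:gosu|sudo\s+-u|su(?:\s+-l|\s+-)?)\s+([A-Za-z0-9_.-]+)")


def find_sensitive_env(env):
    """Return (name, reason) for each env var that looks like a secret or an endpoint."""
    findings = []
    for entry in env:
        name, _, value = entry.partition("=")
        if SECRET_KEY_RE.search(name):
            findings.append((name, "possible credential"))
        elif URL_RE.search(value):
            findings.append((name, "url"))
        elif IPV4_RE.search(value):
            findings.append((name, "ip"))
    return findings


def deduce_runtime_user(config, entrypoint_script):
    """Prefer the image's USER directive; otherwise look for a user switch in the entrypoint."""
    if config.get("User"):
        return config["User"], "USER directive"
    match = USER_SWITCH_RE.search(entrypoint_script)
    if match:
        return match.group(1), "entrypoint switches user"
    return "root", "no USER directive or user switch found (assumed root)"


def analyze_image(config, entrypoint_script):
    """Bundle both checks the way an Analyze-style report would."""
    return {"env_findings": find_sensitive_env(config.get("Env", [])),
            "runtime_user": deduce_runtime_user(config, entrypoint_script)}


if __name__ == "__main__":
    print(analyze_image(SAMPLE_CONFIG, SAMPLE_ENTRYPOINT))
```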

What’s the difference from Clair or Docker Cloud?

The purpose of Dockerscan is different: it is focused on the attack phase.

Although Dockerscan has some functionality to detect vulnerabilities in Docker images and Docker registries, the objective is the attack.

Documentation

Documentation is still in progress… sorry!

For the moment we only have the slides presented at RootedCON Spain, the conference where Docker Scan was presented:

http://ift.tt/2gPUL7H

Or you can watch it in video format (recommended):

Also, you can watch a dockerscan usage demo:

Source: http://ift.tt/2lx3xJK

The post dockerscan: Docker security analysis & hacking tools appeared first on Penetration Testing.
