Hello,
in a recent security assessment we have managed to escape out of a
docker container by circumventing an ad-hoc reverse proxy that was
supposed to prevent abuse of "docker.sock" file exposure.
Full story here:
https://www.redtimmy.com/docker/a-tale-of-escaping-a-hardened-docker-container/
regards
Redtimmy Security
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
