Our Scenarios
system exploitation

Vulnerable Dockers

Info

This scenario will take you through the process of identifying and exploiting vulnerabilities in docker environment with aim of demonstrating cloud security risks and challenges,

Disclaimer!
This scenario is partially based on content from notsosecure and Heroku

Based on the original content, we have improved on it as follows:

  • Availed a virtual environment to aid in your setup.
  • Compiled and enriched content from various sources into a single point.

What you will learn

At the completion of the scenario, you will be able to enumerate hosts and identify instances of docker container, review Dockerfile for misconfigurations and backdoors. Specifically, you will learn the following.

  • Use of metasploit, wpscan, nmap for enumeration and co
  • Static analysis of Dockerfiles

Scenario Pre-requisites / recommendations

This scenario requires the following: - Basic knowledge of Linux operating systems. - Basic knowledge of nmap, wpscan and metasploit. - Basic knowledge of Docker

Technical Details

  • This scenario has a 3 virtual machine.
  • MODESINGLEPLAYER
  • TYPECCL
  • DIFFICULTYINTERMEDIATE
  • TIME180 MINUTES
  • COST100 CRYSTALS
SHARE