🔐 Задача по Docker-безопасностиОдин из разработчиков случайно запустил Docker-контейнер с флагом --privileged на проде. Контейнер основан на ubuntu:latest

Библиотека хакера | Hacking, Infosec, ИБ, информационная безопасность

🔐 Задача по Docker-безопасности

Один из разработчиков случайно запустил Docker-контейнер с флагом --privileged на проде. Контейнер основан на ubuntu:latest, к нему открыт SSH-доступ, и в системе установлены capsh, nsenter и gcc.

Цель: получить root-доступ на хост-машине, используя уязвимую конфигурацию контейнера.

У вас есть:

– привилегии --privileged
– доступ внутрь контейнера
– доступ к системным namespace через nsenter

Выбирайте правильный ответ в опросе 🔜

🐸

Библиотека хакера

#междусобойчик

Please open Telegram to view this post

VIEW IN TELEGRAM

www.tg-me.com/br/Библиотека хакера | Hacking Infosec ИБ информационная безопасность/com.hackproglib/4227

893 viewsJun 9 at 07:02

tg-me.com/hackproglib/4227

Create: 2025-06-09
Last Update: 2025-06-15 11:56:21

Библиотека хакера | Hacking Infosec ИБ информационная безопасность Telegram | DID YOU KNOW?

How Does Telegram Make Money?

Telegram is a free app and runs on donations. According to a blog on the telegram: We believe in fast and secure messaging that is also 100% free. Pavel Durov, who shares our vision, supplied Telegram with a generous donation, so we have quite enough money for the time being. If Telegram runs out, we will introduce non-essential paid options to support the infrastructure and finance developer salaries. But making profits will never be an end-goal for Telegram.

The STAR Market, as is implied by the name, is heavily geared toward smaller innovative tech companies, in particular those engaged in strategically important fields, such as biopharmaceuticals, 5G technology, semiconductors, and new energy. The STAR Market currently has 340 listed securities. The STAR Market is seen as important for China’s high-tech and emerging industries, providing a space for smaller companies to raise capital in China. This is especially significant for technology companies that may be viewed with suspicion on overseas stock exchanges.