Prisoner Number Six

Presented at BSidesLV 2019, Aug. 7, 2019, 11 a.m. (55 minutes).

In the 1968 television series, the Prisoner, a former British intelligence agent is imprisoned on an island, called ""the Village', with other former spies. This pretty prison is a retirement home for those like him who ""know too much"".

On the island (called ‘The Village') prisoners are only referred to by their numbers, with our prisoner being Number 6.

In this session, we play a game in which we are Prisoner Number 6, a containerized application that ""knows too much' and our Village is a ""privileged' Docker container, which ""imprisons"" us.

During the game we constantly try to escape the Village and return home to the mainland.

Do we succeed to escape the Village? Join our session to find out.

During this session we will show how we attempt to escape the privileged container to reach the underlying host, using a number of different methods, such as loading a Linux kernel module into the underlying kernel, exploiting devices present inside the container to read and write host's files, and more.

At the end of the session we will attempt a real live escape from a Docker training website to remotely run code on the host.


Presenters:

  • Nimrod Stoler
    Nimrod Stoler is a cybersecurity researcher at CyberArk Labs where he focuses on researching the latest attack techniques and applying lessons learned to improve cyber defenses. Nimrod's primary research areas are network defense, DevOps analysis and security and Linux containers. Prior to CyberArk, Nimrod served in several high-technology roles doing research and development of software and hardware. Nimrod holds an LLB in law and BA in economics.
  • Lavi Lazarovitz
    Lavi leads a group of security researchers called Group Charlie which is focused on security research of emerging technologies. Lavi and his group are doing vulnerability research; writing about information security for security magazines and blogs in Israel and internationally; and coding prototypes and proof of concepts. Lavi holds a master's in computer science and cryptography and a CISSP which is always nice to have. Prior to his work at CyberArk, he served in the Israeli Air Force for 11 years as a pilot and as an intelligence officer.

Links:

Similar Presentations: