CVE-2024-21626

Rss每日更新推送到邮箱

My Rss Reader,一个Rss日更工具，已收集231个RSS源, 生成时间: 2024-03-07 06:08:59 项目地址 主要功能 收集RSS, 打造无广告内容优质的 头版头条 超赞新闻页 利用Github Actions, 搜集全部RSS的头版头条新闻标题和超链接, 并自动更新到首页,当天最新发布的文章会出现🌈 标志 邮件内容区开始> 今�

POC

CVE-2024-21626 POC

PoC of CVE-2024-21626 Read my full article for detailed explanation here Setup environment 🔨 A Download and install 22041-Ubuntu LTS version During the installation do not check the box to download update system B Install guest additions CD image to easily work with the virtual machine insert Guest additions CD image open terminal in the mounted CD image run the

a go security module for container runtime

go-containersec a go security module for container runtime Protect CVE-2024-21626 If you want to update runc to 1112, you can choose dmz as the entrypoint of the container: dmz entrypoint arg0 arg1 Another way to protect CVE-2019-5736 lifubang/runc#62 To use this similar way to protect CVE-2024-21626, we still have a little work to do, it will be comming soon

PoC and Detection for CVE-2024-21626

CVE-2024-21626 For detailed explanation for this vulnerability, plz refer to my article Exploit Exploit via Running a Container No need to build a custom image, just run a container with -w parameter: docker run -w /proc/self/fd/8 --name cve-2024-21626 --rm -it debian:bookworm

CVE-2024-21626-poc-research-Reappearance-andtodo

利用: 1git clone githubcom/cdxiaodong/CVE-2024-21626 2docker-compose up 验证: 如果获取到宿主的/etc/passwd 即存在该漏洞 环境: runc: >=v100-rc93,<=1111 攻击细节原理: 在 runc 受影响版本中，由于在初始化过程中泄露了部分内部文件描述符，包括对宿主的 /sys/fs/cgroup 的句柄，同时 runc 未验�

Reference Implementation of a so-called Honeycluster - for kind and RKE2

HoneyCluster to verify and quantify attack paths You start with your "normal" cluster, where you wish to (A) verify/quantify theoretical threat modelling assumptions or (B) to simply observe how your cluster will be attacked by interpreting the anomalous signals The four fold path to threat intelligence 1 Threat Model -> Attack Model -> Critical Attack

Leaky Vessels Dynamic Detector

Leaky Vessels Dynamic Detector In this repository you'll find a reference implementation for an eBPF-based runtime detection for the runc and Docker vulnerabilities CVE-2024-21626, CVE-2024-23651, CVE-2024-23652 and CVE-2024-23653 It hooks into Linux syscalls (eg, chdir, mount) and function invocations of the Docker daemon and associates them with Docker builds and con

pre-built see githubcom/ssst0n3/fd-listener/releases usage /listen -a allow_cmd1 [-a allow_cmd2] -d deny_cmd1 [-d deny_cmd2] eg /listen -a runc -a init -d root detect CVE-2024-21626 can be used to detect CVE-2024-21626

pre-built see githubcom/ssst0n3/fd-listener/releases usage /listen -a allow_cmd1 [-a allow_cmd2] -d deny_cmd1 [-d deny_cmd2] eg /listen -a runc -a init -d root detect CVE-2024-21626 can be used to detect CVE-2024-21626

Container Runtime Meetup #5 のLT用のデモ

CVE-2024-21626-demo Container Runtime Meetup #5 のLT用のデモ。 公知情報に則り攻撃の危険性を周知する目的であり、悪用は厳禁です。 スライド Container Runtime Meetup #5 〜そのイメージ、本当に信頼できますか？〜 CVE-2024-21626 でホストのrootを奪取する victim-server へのログイン デモ用laptopのssh_config�

【漏洞复现】CVE-2024-21626 docker runc逃逸漏洞 1、漏洞简介 漏洞名称 docker runc逃逸漏洞 漏洞编号 CVE-2024-21626 披露日期 2024-01-31 特征 / 影响版本 runc @ [v100-rc93,1111] 2、漏洞利用&POC/EXP 利用条件有点苛刻，需要受害者交互，个人认为有点鸡肋： 使用攻击者的恶意镜像（包�

Static detection tool for runc and Docker "Leaky Vessels" vulnerabilities

Leaky Vessels Static Detector A static analysis based exploit detector for runc and Docker vulnerabilities Overview runc processcwd & Leaked fds Container Breakout [CVE-2024-21626] CVE-2024-21626 is a vulnerability in the runc container runtime allowing an attacker to break out of the container isolation and achieve full root RCE via a crafted image that exploits an

公開職務経歴書

職務経歴書 公開職務経歴書です。 スキルセット: ソフトウェア研究開発 専門はサイバーセキュリティ・プライバシーテック・データベース・ストリーム処理など。コンピュータサイエンスに関する分野は一通り押さえている。 現在はトヨタ自動車株式会社にてAIセキュリティと車両

Leaky Vessels Dynamic Detector In this repository you'll find a reference implementation for an eBPF-based runtime detection for the runc and Docker vulnerabilities CVE-2024-21626, CVE-2024-23651, CVE-2024-23652 and CVE-2024-23653 It hooks into Linux syscalls (eg, chdir, mount) and function invocations of the Docker daemon and associates them with Docker builds and con

CVE-2024-21626-POC 使用说明 仅供教育/研究使用，任何与教育/研究无关的行为所产生的风险自行负责 使用 存在验证 bash verifysh 逃逸验证 # verifysh可以找出当前机器环境下对应的fd具体值，如果fd不为9，需要修改Dockerfile中的WORKDIR为 # 对应的值或在docker run中使用-w

runc-vuln-gadget This gadget detects when the following runc vulnerability is exploited and blocks its usage CVE-2024-21626 How to use Thanks to CVE-2024-21626, a container workload can access the host filesystem: $ docker run -ti --rm --workdir=/proc/self/fd/9 ubuntu grep ^ID= ///etc/os-release ID=fedora runc-vuln-gadget is able to

记录自己在云安全上的学习笔记等。

Cloud-Security About 记录自己关于云安全领域的学习文章、笔记、靶场记录、附件等。 项目目录 AWS aws的相关知识和常见的攻击方式 pwnedlabs的writeup Azure TODO CI-CD CICD的简单介绍 top-10-cicd-security-risks cicd-goat的writeup gitlab的一些攻击姿势，待补充 Jenkins的一些攻击姿势，待补充 teamcity的相关漏洞

CVE-2024-21626-POC 使用说明 仅供教育/研究使用，任何与教育/研究无关的行为所产生的风险自行负责 使用 docker build -t cve-2024-21626 docker run -it --rm cve-2024-21626 bash /pocsh # 另起一个terminal /bin/bashcopy 注意 不同docker/runc版本使用的具体文件描述符有所不同，例如docker

CVE-2024-21626 Overview This repository contains code examples for an app vulnerable to CVE-2024-21626 as well as an eBPF gadget to detect exploitation attempts You can use the provided code snippets and build files to try the detection program This repoistory was created as part of this blog post The gadget program is for demonstration purposes only and is not a full detecti

Runner githubcom/H454NSec/CVE-2023-42793 nitrocorg/en/posts/cve-2024-21626-illustrated/#exploit-via-setting-working-directory-to-procselffdfd docsportainerio/user/docker/volumes/add