tbhaxor's Blog
  • About Me
  • Series
  • Support Me
Sign in Subscribe

seccomp

A collection of 3 posts
Prevent Privilege Escalation from Container Breakout via UserNS Remapping
docker

Prevent Privilege Escalation from Container Breakout via UserNS Remapping

Hello World! In my previous posts, I have discussed a lot on how does a user with certain capabilities can escape the docker container and execute commands on the root of the host. The naive approach to fix this issue could be the combination of the following * Disable capabilities like
19 Jun 2022 6 min read
Basics of Seccomp for Docker
docker

Basics of Seccomp for Docker

Seccomp is a kernel feature that allows you to filter syscalls for a specified process. In this article, you'll learn how to use strict and eBPF modes with your existing Docker configuration.
15 Jun 2022 7 min read
Breakout from the Seccomp Unconfined Container
docker

Breakout from the Seccomp Unconfined Container

In this post, you'll discover how to exploit the CAP SYS MODULE capability in a privileged exec session to break out of a seccomp unconfined container that was launched with no extra rights or capabilities.
02 May 2022 4 min read
Page 1 of 1
tbhaxor's Blog © 2025
Powered by Ghost