tbhaxor

seccomp

A collection of 3 posts
Prevent Privilege Escalation from Container Breakout via UserNS Remapping
docker

Hello World! In my previous posts, I have discussed a lot about how a user with certain capabilities can escape the Docker container and execute commands on the root of the host. The naive approach to fix this issue could be the combination of the following * Disable capabilities like
Jun 19, 2022 6 min read
Basics of Seccomp for Docker
docker

Seccomp is a kernel feature that allows you to filter syscalls for a specified process. In this article, you'll learn how to use strict and eBPF modes with your existing Docker configuration.
Jun 15, 2022 7 min read
Breakout from the Seccomp Unconfined Container
docker

In this post, you'll discover how to exploit the CAP_SYS_MODULE capability in a privileged exec session to break out of a seccomp unconfined container that was launched with no extra rights or capabilities.
May 2, 2022 4 min read
tbhaxor © 2023