“Azure Cloud Shell is a browser-based shell experience to manage and develop Azure resources.
Cloud Shell offers a browser-accessible, pre-configured shell experience for managing Azure resources without the overhead of installing, versioning, and maintaining a machine yourself.”
So we will start right away with how things work in the backend of the “Azure Cloud Shell” service.
While I was playing around with “Azure Cloud Shell”, I immediately noticed that I run as a low-privileged user that is not able to do much, except running the azure-cli command(s). I tried to gain higher privileges in different ways without luck.
Kubernetes is the leading container orchestration platform for SMBs and enterprises; it provides fast deployment, load balancing, high availability and resource monitoring, and is now widely offered as a service by different cloud providers.
During a security analysis I did on a customer’s container environment running on Azure AKS (Azure Kubernetes Service), I found that the deprecated Kubernetes read-only port (10255), which was designed for metrics and “health” checks, can be accessed from any container that has no restrictions on reaching the host IP addresses. By default, cloud providers do not restrict the connectivity between containers (pods) and…
The lecture was focused on Docker container security, security best practices, the dangers of privileged containers and more.
The following steps allow anyone who desires to recreate the demo by themselves.
The starting point is already having shell access (assuming we hacked an application running in a container and gained shell access).
Now that we have a shell on the container, we are not really sure what kind of system we hacked into, therefore we want to…
Penetration Tester @eBay