coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

GitBook: [master] 2 pages modified

Browse Source
This commit is contained in:
CPol 2021-09-25 13:27:46 +00:00 committed by gitbook-bot
parent a189ed4eda
commit aa66334182
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
linux-unix/privilege-escalation/docker-breakout.md
View File

@ -1,5 +1,15 @@
# Docker Breakout
## What is a container
In summary, it's an **isolated** **process** via **cgroups** \(what the process can use, like CPU and RAM\) and **namespaces** \(what the process can see, like directories or other processes\):
```bash
docker run -dt --rm denial sleep 1234 #Run a large sleep inside a Debian container
ps -ef | grep 1234 #Get info about the sleep process
ls -l /proc/<PID>/ns #Get the Group and the namespaces (some may be uniq to the hosts and some may be shred with it)
```
## Mounted docker socket
If somehow you find that the **docker socket is mounted** inside the docker container, you will be able to escape from it.

3
pentesting/pentesting-web/code-review-tools.md
View File

@ -2,12 +2,15 @@
## General
[**https://owasp.org/www-community/Source\_Code\_Analysis\_Tools**](https://owasp.org/www-community/Source_Code_Analysis_Tools#)\*\*\*\*
```bash
https://www.sonarqube.org/downloads/
https://deepsource.io/signup/
https://github.com/pyupio/safety
https://github.com/returntocorp/semgrep
https://github.com/WhaleShark-Team/cobra
https://github.com/insidersec/insider
# Find interesting strings
https://github.com/s0md3v/hardcodes