Container Carnage: Exploiting Container-Centric Datacenter Platforms presented at saintcon 2016

by Scott Pack, Bryce Kunz,

Summary : Welcome to the new age where technologies like DC/OS, Mesos, and Marathon will abstract your entire datacenter into a single logical computer but what happens when a single app/service within your DataCenter’s OS inevitability gets compromised?
Join us as we explore how a single compromise can enable an attacker to expand access by exploiting many of the technologies supporting a container centric datacenter including ZooKeeper, Docker, and HAProxy. New modules will be released for EmPyre which will enable penetration testers to more efficiently identify and exploit vulnerabilities within these technologies.
DC/OS, Mesos, Marathon, Docker, and/or ZooKeeper expertise is not required since this presentation will cover how each of these technologies works before highlighting how they can be manipulated by an attacker. The information presented is designed to be useful for both Offensive (Red Team) & Defensive (Blue Team) members.