Breaking Cloud Isolation presented at HackInTheBox 2014

by Ivan Novikov

Summary: This presentation consists of practical cases with examples of how to break different isolation mechanisms (resources/sessions/network) in cloud-based implementations. Cloud architecture can process data from several different clients in the same environment. It is thus important to isolate data in order to protect it from unauthorized access.
In this presentation we will cover vulnerabilities and by-design bugs in real-world cloud implementations, including the most popular US and German hosting and cloud providers, that led to data being compromised. All vulnerabilities were discovered during an analysis period spanning 2012 – 2013. We will focus on the following types of isolation mechanisms:
- File resources
- User sessions
- Data in databases
- Network access
- Execution context of OS (uid)
Exploitation techniques covered will include:
- FastCGI issues
- CHUID/CHOWN issues in self daemons
- Race condition issues in UNIX scripts
- Auth issues in internal API
- Host-based restrictions abuse
- 5+ others