In what's shaping up to be a summer of container escapes, a pair of talks slated for Black Hat USA next month will explore the kinds of architectural weaknesses in operating systems and in container platforms that can make it easy for attackers to break down the barriers of container isolation and run roughshod over cloud infrastructure.
In one talk, "The COW (Container on Windows) Who Escaped the Silo," Eran Segal, research team leader at SafeBreach, will explore the inherent architectural security design problems in the way Windows containers are isolated from the host. Segal says he will delve into the technical details that show how the Windows kernel architecture isn't built to handle containers with the same kind of native security capabilities as the Linux kernel architecture. Some of the workarounds Windows has built in order to implement containers leave Windows containers open to attack.
"Windows containers isolated as 'process isolation' are not isolated well and it is possible to impact the host from inside," Segal explains.
He's saving the technical details for his Black Hat presentation, but offers a tease that his demonstration will show how an attacker can create a malicious container with low privileges that can communicate with other containers and start wreaking havoc on the host.
"I can't share it before the talk, but I can say that I'll gain a permissions system inside the container, cause a DoS to the host, and manage to access the entire kernel memory, and it is highly possible that the kernel memory contains passwords," Segal says.
He hopes that the discussion will offer security practitioners and fellow researchers a glimpse into the mechanics behind how Windows containers are built, the vulnerabilities he found with them, and how to start rooting out flaws similar to the ones he'll recap.
"They will learn about the internals of process isolated Windows containers, the internals of the vulnerabilities I found, and a recipe for finding additional vulnerabilities such as the ones I found," he says.
The exploration of container escapes like the one Segal will demonstrate is not a new field of security research, but it is one that has been heating up considerably of late. Just last month at RSA Conference, executives with CrowdStrike detailed attack techniques that could take advantage of a bug they discovered in March in the CRI-O container engine that underpins Kubernetes. That demonstration showed how this cr8escape bug could be used by attackers to escape containers and gain root access on the host.
And last week, news broke of a flaw dubbed FabricScape that posed a serious container escape risk for Linux containers running within Microsoft's Azure Service Fabric. The flaw was discovered by security researchers from Palo Alto Networks, who released details last week as a follow-on to Microsoft's patch, which fixed the issue on June 14. The vulnerability was in a high-privilege logging function in Service Fabric's Data Collection Agent (DCA).
"The vulnerability could allow malicious actors to take over Linux hosting environments. It allows a compromised container to escape and take over the cluster running it," wrote Aviv Sasson and Ariel Zelivanski of Palo Alto's Unit 42 research team. "Containers could become malicious if they are broken into through either a known vulnerability or zero-day vulnerability, or through a supply-chain attack such as typosquatting or a malicious package."
Unit 42 researchers have been on a tear with container escape research this summer. A pair of researchers from the team, Yuval Avrahami and Shaul Ben Hai, will present the other big container escape talk at Black Hat next month. "Kubernetes Privilege Escalation: Container Escape == Cluster Admin?" will take a deep dive into how attackers can abuse service account tokens in system pods to turn a single container escape into an attack that takes over an entire Kubernetes cluster. The researchers will also present tools to help discover these pods within infrastructure and identify privilege escalation paths in a cluster. That will help security defenders better harden their container infrastructure against escapes and broader escalation of privileges on the host.
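The escalation path described above runs through the service account tokens mounted into pods on a compromised node. As an added example (not tooling from the talk or from Unit 42), the following audit takes a constructed slice of pod and ClusterRoleBinding data, shaped like the real API objects, and reports which pods on a given node mount a token bound to a cluster-wide admin role; the `DANGEROUS_ROLES` set is an assumption to tune per cluster.

```python
"""Blast-radius audit: which pods on a node carry a token bound to a
cluster-takeover role? Added example with constructed input; it assumes
the pod-level automountServiceAccountToken setting (default true) and
ignores the ServiceAccount-level setting."""

# Constructed sample, shaped like `kubectl get pods -A -o json` items.
PODS = [
    {"metadata": {"name": "kube-proxy-abc", "namespace": "kube-system"},
     "spec": {"nodeName": "node-1", "serviceAccountName": "kube-proxy",
              "automountServiceAccountToken": True}},
    {"metadata": {"name": "web-7f", "namespace": "shop"},
     "spec": {"nodeName": "node-1", "serviceAccountName": "default",
              "automountServiceAccountToken": False}},
    {"metadata": {"name": "operator-9c", "namespace": "infra"},
     "spec": {"nodeName": "node-1", "serviceAccountName": "ops-admin"}},
    {"metadata": {"name": "web-1a", "namespace": "shop"},
     "spec": {"nodeName": "node-2", "serviceAccountName": "default"}},
]
# Constructed ClusterRoleBindings, shaped like the real API objects.
BINDINGS = [
    {"roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "ops-admin", "namespace": "infra"}]},
    {"roleRef": {"kind": "ClusterRole", "name": "system:node-proxier"},
     "subjects": [{"kind": "ServiceAccount", "name": "kube-proxy", "namespace": "kube-system"}]},
]
# Assumption: roles treated as cluster-takeover capable; tune to your cluster.
DANGEROUS_ROLES = {"cluster-admin", "admin"}

def cluster_roles_for(sa, namespace, bindings):
    """ClusterRoles granted to a ServiceAccount through ClusterRoleBindings."""
    roles = set()
    for b in bindings:
        for s in b.get("subjects", []):
            if (s.get("kind") == "ServiceAccount" and s.get("name") == sa
                    and s.get("namespace") == namespace):
                roles.add(b["roleRef"]["name"])
    return roles

def risky_pods_on_node(node, pods=PODS, bindings=BINDINGS):
    """Pods on `node` whose mounted token carries a dangerous ClusterRole.
    An absent automountServiceAccountToken key means the token IS mounted."""
    findings = []
    for p in pods:
        spec = p["spec"]
        if spec.get("nodeName") != node or not spec.get("automountServiceAccountToken", True):
            continue
        ns, sa = p["metadata"]["namespace"], spec.get("serviceAccountName", "default")
        hits = cluster_roles_for(sa, ns, bindings) & DANGEROUS_ROLES
        if hits:
            findings.append((f"{ns}/{p['metadata']['name']}", sa, sorted(hits)))
    return findings
```

Each finding is a pod whose escape would hand over the cluster; setting `automountServiceAccountToken: false` where the workload does not call the API, or narrowing the binding, shrinks that list.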