Kali
Whoc is a container image that extracts the underlying container runtime and sends it to a remote server. Poke at the underlying container runtime of your favorite CSP container platform! WhoC at Defcon 29 Cloud Village Azurescape – whoc-powered research, the first cross-account container takeover in the public cloud (70,000$ bounty) How does it work? As …
Continue reading “Whoc : A Container Image That Extracts The Underlying Container Runtime”
Whoc is a container image that extracts the underlying container runtime and sends it to a remote server. Poke at the underlying container runtime of your favorite CSP container platform! How does it work? As shown by runc CVE-2019-5736, traditional Linux container runtimes expose themselves to the containers they’re running through /proc/self/exe. whoc uses this …
Continue reading “Whoc : A Container Image That Extracts The Underlying Container Runtime”
