GitBook: No commit message

CPol 2021-10-10 23:22:13 +00:00 committed by gitbook-bot
parent b50804bfa4
commit e1f7939f2b
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 4 additions and 2 deletions


@ -224,7 +224,7 @@ Note that you can **add/remove** **capabilities** to the docker container (this
* `--cap-add=SYS_ADMIN`_ _give_ _`SYS_ADMIN` cap * `--cap-add=SYS_ADMIN`_ _give_ _`SYS_ADMIN` cap
* `--cap-add=ALL`_ _give_ _all caps * `--cap-add=ALL`_ _give_ _all caps
* `--cap-drop=ALL --cap-add=SYS_PTRACE` drop all caps and only give * `--cap-drop=ALL --cap-add=SYS_PTRACE` drop all caps and only give `SYS_PTRACE`
{% hint style="info" %} {% hint style="info" %}
Usually, when you **find** that you have a **privileged capability** available **inside** a **docker** container **but** some part of the **exploit isn't working**, this will be because docker **apparmor will be preventing it**. Usually, when you **find** that you have a **privileged capability** available **inside** a **docker** container **but** some part of the **exploit isn't working**, this will be because docker **apparmor will be preventing it**.
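Review bot: The two bullets above the edited line still carry stray emphasis markers (`_ _give_ _`) around "give", in the `--cap-add=SYS_ADMIN` and `--cap-add=ALL` items. Since this hunk already completes the truncated `--cap-drop=ALL --cap-add=SYS_PTRACE` bullet, clean those two up in the same change so all three bullets read consistently, e.g. "give `SYS_ADMIN` cap" and "give all caps" as plain text.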


@ -322,7 +322,9 @@ User=bob
AmbientCapabilities=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE
``` ```
## Malicious Use ##
## CapabilitMalicious Use
Capabilities are useful when you **want to restrict your own processes after performing privileged operations** (e.g. after setting up chroot and binding to a socket). However, they can be exploited by passing them malicious commands or arguments which are then run as root. Capabilities are useful when you **want to restrict your own processes after performing privileged operations** (e.g. after setting up chroot and binding to a socket). However, they can be exploited by passing them malicious commands or arguments which are then run as root.
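Review bot: The heading on the added lines is broken: the change leaves an empty `##` heading followed by `## CapabilitMalicious Use`, which looks like a half-typed word fused onto the old title. Restore a single heading such as `## Malicious Use` (or finish the intended new title) and drop the empty one, so the section outline renders correctly.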