Can software containers be hacked? Yes, but Docker issues a fix
Raising questions about the security of a popular method of distributing applications, a researcher from Aqua Security has published documentation of a potential attack approach that allows a hacker to plant malware via Docker Inc. “container” software and activate code on targeted systems.
The research, presented at the Black Hat USA 2017 cybersecurity conference in Las Vegas late last week, was documented by Sagie Dulce, senior security researcher for Aqua Security, as a way to show how one developer who accesses a malicious web page can place an entire container ecosystem at risk. Docker makes software for distributing applications in containers, which allow applications to run across multiple kinds of computers.
“There’s a pretty big community of developers running containers,” said Dulce. “If there’s a big community, there’s a big surface to attack.”
The attack, presented as a test case with no known instance of real-world use, began with access to a Docker application programming interface (API) through a listening Transmission Control Protocol (TCP) port, that is, over an ordinary network connection. The end result was a malicious “shadow” container that could run continuously on a developer’s system without detection.
Docker issues a patch
Dulce said he provided documentation to Docker of his research. Docker spokesman Dan Sorenson told SiliconANGLE in a statement that the vulnerability was validated and patched within two weeks.
“The patch permanently disabled the TCP port by default,” Sorenson explained. “On the page where a user could activate the TCP port, there is an explicit warning prominently displayed that says doing so could put their system at risk. Should someone enable the port, despite the warning, Docker’s image scanning and signing is designed to protect against these attacks.”
Dulce’s research was designed to raise awareness within the operations security community that developers pose a more significant risk than many people realize to corporate enterprises because of their high privilege on machines, with across-the-board access to code, Internet Protocol and registries. “Even a single (compromised) developer may cause your entire pipeline to be affected,” said the Aqua Security researcher.
Until Docker changed the configuration, the default for personal computers running Docker for Windows exposed APIs through TCP. The Windows tool is a popular way for developers to test and build container applications.
A specially crafted JavaScript exploit on a malicious webpage visited by a developer can bypass browser protection features and start the multistage attack. From there, Aqua researchers were able to develop a “Host Rebinding Attack,” which redirects a host name from one IP address to a different one. By spoofing the NetBIOS and LLMNR name resolution protocols, attackers can create a new container running inside the virtual machine that executes malicious code.
According to Dulce, by creating a container that is both persistent and concealed, attackers can execute commands against the Docker daemon, a program that runs in the background, and leverage root access inside the virtual machine environment. This kind of access also allows malicious actors to find more open ports and infect additional machines. Dulce said a successful attack on the Docker daemon is not limited only to Windows, but can be implemented on Linux or Mac as well with some differences in the methods used.
Preventing attacks
The researcher offered a number of suggestions for how developers can keep the kind of attack he built from becoming reality in the enterprise. These include not exposing container APIs through open ports and making sure that anyone who accesses those APIs is authorized to do so.
Dulce also recommended analyzing container logs, since they can reveal unusual activity inside the Docker environment. Additional steps include disabling the NetBIOS and LLMNR protocols, continuously scanning images in registries and monitoring containers at runtime.
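As an added defender-side example (not code from the article, Aqua Security or Docker), the following Python function audits a parsed daemon.json for the TCP exposure described above. The `hosts`, `tls` and `tlsverify` keys are real dockerd options; the sample configurations, severity labels and messages are constructed here.

```python
"""Audit a Docker daemon.json for API exposure over TCP (added example)."""
import json
from urllib.parse import urlsplit

# Constructed samples: a plain-TCP listener on localhost, like the pre-patch
# Docker for Windows default, next to a hardened setup that uses only local
# sockets plus a TLS-verified TCP endpoint.
SAMPLE_CONFIGS = {
    "exposed": json.dumps({"hosts": ["npipe://", "tcp://127.0.0.1:2375"]}),
    "tls_only": json.dumps({
        "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
        "tlsverify": True,
        "tlscacert": "/etc/docker/ca.pem",   # constructed path
    }),
}


def audit_daemon_config(daemon_json: str) -> list:
    """Return (severity, message) findings, one per TCP listener.

    A loopback bind is still flagged HIGH when clients are not verified:
    the article's host-rebinding vector lets a web page reach 127.0.0.1
    ports through the developer's own browser, so 'localhost only' is not
    a boundary against it.
    """
    cfg = json.loads(daemon_json)
    tls_verify = bool(cfg.get("tlsverify"))
    findings = []
    for host in cfg.get("hosts", []):
        u = urlsplit(host)
        if u.scheme != "tcp":
            continue  # unix:// and npipe:// are local, permission-controlled
        bind = u.hostname or "0.0.0.0"
        port = u.port if u.port is not None else "default"
        if not tls_verify:
            sev = "HIGH"
            why = ("TLS enabled but clients not verified (set tlsverify)"
                   if cfg.get("tls") else
                   "plain TCP API, no TLS, no client verification")
        elif bind in ("0.0.0.0", "::"):
            sev = "MEDIUM"
            why = "TLS-verified TCP API bound to all interfaces"
        else:
            sev = "INFO"
            why = "TLS-verified TCP API on a specific address"
        findings.append((sev, f"{bind}:{port}: {why}"))
    return findings
```

Run it against each entry of SAMPLE_CONFIGS, or against the real daemon.json of a developer machine, and treat any HIGH finding as the configuration Docker's patch turned off by default.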