A Docker analysis tools
Project description
dockerscan
dockerscan: A Docker analysis & hacking tools
Project site |
|
Issues |
|
Author |
Daniel Garcia (cr0hn) / Roberto Munoz (robskye) |
Documentation |
|
Last Version |
1.0.0-Alpha-02 |
Python versions |
3.5 or above |
What’s dockerscan
A Docker analysis tools
Very quick install
> python3.5 -m pip install -U pip
> python3.5 -m pip install dockerscanShow options:
> dockerscan -hAvailable actions
Currently Docker Scan support these actions:
Scan: Scan a network trying to locate Docker Registries
Registry
Delete: Delete remote image / tag
Info: Show info from remote registry
Push: Push an image (like Docker client)
Upload: Upload a random file
Image
Analyze: Looking for sensitive information in a Docker image.
Looking for passwords in environment vars.
Try to find any URL / IP in the environment vars.
Try to deduce the user used internally to run the software. This is not trivial. If the entry point is a .sh file. Read the file and try to find call to sudo-like: “sudo”, “gosu”, “sh -u”… And report the user found.
Extract: extract a docker image
Info: Get a image meta information
Modify:
entrypoint: change the entrypoint in a docker
trojanize: inject a reverser shell into a docker image
user: change running user in a docker image
What’s the difference from Clair or Docker Cloud?
The purpose of Dockerscan is different. It’s focussed in the attack phase.
Although Dockescan has some functionalities to detect vulnerabilities in Docker images and Docker registries, the objective is the attack.
Documentation
Documentation is still in progress… sorry!
For the moment we only have the slides presented at RootedCON Spain, the conference where Docker Scan was presented:
https://www.slideshare.net/secret/fxVqD2iXqanOCX
Or you can watch it in video format (recommended):
Also, you can watch a dockerscan usage demo:
Contributing
Any collaboration is welcome!
There are many tasks to do. You can check the Issues and send us a Pull Request.
License
This project is distributed under BSD license
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file dockerscan-1.0.0a3.tar.gz.
File metadata
- Download URL: dockerscan-1.0.0a3.tar.gz
- Upload date:
- Size: 32.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c14d5f8441f3136c464396ca27bca11cb65e6781df63f20501ac1fc537996ed2 |
|
| MD5 | 416f36f0eb0fb9de41a3292c2b0c82d8 |
|
| BLAKE2b-256 | 015f955ed76d1b3f2cbcbd891e0fa1887c01f7f2116d5c014dd5c82f7ab7985c |
