Passion
  • What is this GitBook about ?
  • Privilege Escalation
    • Linux
    • Windows
  • Network Security
    • Port Scanning
    • DNS Enumeration
    • FTP Enumeration
    • SSH Enumeration
    • SMB Enumeration
    • SMTP Enumeration
    • POP3 Enumeration
  • Checklists
    • Active Directory Security
    • OS Command Injection
    • Buffer Overflow
    • Broken Access Control
    • Local File Inclusion
    • SSRF
    • XXE Attacks
    • SQL Injection
    • XSS
  • WebApp Security
    • Local File Inclusion
    • File Upload Attacks
      • IIS Server File Upload
      • Escaping Sandbox via File Upload
    • Broken Access Control
      • Vertical PrivEsc
      • Horizontal PrivEsc
      • Horizontal => Vertical
    • OS Command Injection
    • SSTI
      • Finding the Injection Point
      • Indentification
      • Exploitation
    • XXE Attacks
      • XXE to LFI
      • XXE to SSRF
      • XXE via File upload
      • XInclude Attacks
      • Blind XXE Attacks
        • Identification
        • Exploitation
        • Blind XXE to LFI
        • Blind XXE by defining Local DTD
    • SQL Injection
    • Server Side Request Forgery
      • Various Attack Methods
      • Exploiting Blind SSRF
    • OAuth Attacks
      • In Password-Based Logins
    • XSS
      • Reflected XSS
      • Stored XSS
      • DOM XSS
      • Blind XSS
      • Perfecting our Payload
      • Exploiting Blind XSS
  • WebApp Mitigations
    • SSTI
  • Docker Security
    • Configuration
    • Ngnix Deployment
  • ☁️Cloud Security
    • AWS
      • Cloud Breach S3
      • IAM PrivEsc - RollBack
      • IAM PrivEsc - Attachment
Powered by GitBook
On this page
  • Physical Machine
  • Virtualization
  • Containers
  • Docker Process
  • How do we run Docker
  1. Docker Security

Configuration

Physical Machine

  • Hardware -> Operating System -> One specific application deployed.

Virtualization

  • Takes complete hardware resources, CPU processing power, Memory and RAM etc and started distributing it to various virtual machines using software called Hypervisor.

  • Hardware -> Host Operating System -> Hypervisor -> Guest OS -> Applications deployed.

Containers

  • Hardware -> Host Operating System -> Container -> Applications deployed

Application itself is contained in its own world, can be shipped to deployment.

Faster than Virtualization, Light-weight and Easy Deployment beacuse it directly deals with the Host OS/Hardware.

Docker Process

  • Developed our own App on a ubuntu image.

  • Create a docker file, a set of instructions which helps to build the docker image.

  • Build a docker image and then your docker container will run (with the help of our docker image)

  • Push the docker image to the docker hub and then it will be distributed to the Production Env and the QA

How do we run Docker

docker pull centos

docker pull ubuntu:16.04       // The tag(:), which specifies what version to download

This command is gonna pull the centos image from the docker hub, to create our containers.

docker run -d -t --name mydockerlinux centos

This command will run our docker centos image which was fetched from the hub with our custom linux name.

docker ps
docker container ls

This command will list all our docker processess which is running in the background.

docker exec -it mydockerlinux bash

This command will execute our centos image and give us a bash shell.

docker system prune -a
docker rm -f (Container ID)

These commands will delete all the containers/images present on the host and reclaims/returns the space utilised.

docker ps --filter "status=exited"
docker ps --filter "status=running"

These commands returns the current status of our docker images.

docker stats

docker start <CONTAINER ID>
docker stop <CONTAINER ID>
docker restart <CONTAINER ID>

These commands helps us to start | stop | restart any of the running containers, the stats command returns us the amount of memory used by the docker image

PreviousSSTINextNgnix Deployment

Last updated 2 years ago