| From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms |
|
|
|
| Leaky Vessels: Docker and runc container breakout vulnerabilities |
|
|
|
| AWS Chain Attack- Thousands of Vulnerable EKS Clusters |
|
|
|
| Red team: Journey from RCE to have total control of cloud infrastructure |
|
|
|
| #BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services |
|
|
|
| Escalating Privileges with Azure Function Apps |
|
|
|
| Taking over “Google Cloud Shell” by utilizing capabilities and Kubelet |
|
|
|
| Exploiting Distroless Images |
|
|
|
| Securing Developer Tools: OneDev Remote Code Execution |
|
|
|
| Symlinks as mount portals: Abusing container mount points on MikroTik's RouterOS to gain code execution |
|
|
|
| FabricScape: Escaping Service Fabric and Taking Over the Cluster |
|
|
|
| Cloudflare Pages, part 1: The fellowship of the secret |
|
|
|
| AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation |
|
|
|
| Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities |
|
|
|
| CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers |
|
|
|
| Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances |
|
|
|
| runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465) |
|
|
|
| GKE Autopilot Node Compromise via Race Condition |
|
|
|
| GKE Autopilot Node Compromise via SSH Metadata |
|
|
|
| GKE Autopilot Node Compromise via startup-script |
|
|
|
| GKE Autopilot Node Compromise via local-storage PersistentVolume |
|
|
|
writeups.xyz
/
Container Escape