DeepSec2020 Talk: Pivoting – As an Attack Weapon – Filipi Pires

Sanna/ October 27, 2020/ Conference

Demonstrating an exploit in a container environment (three dockers) across three different networks, I will demonstrate different pivot, vulnerability exploit, and privilege escalation techniques on all machines using Alpine linux, Gogs app, and other Linux platforms using Pentest methodologies such as recon, enumeration, exploitation, post exploitation. By the end of this presentation everyone will be able to see different ways that exist in working with a single form of pivot and how to overcome different obstacles in different networks within this “new” environment called Docker. We asked Filipi a few more questions about his talk. Please tell us the top 5 facts about your talk. During this presentation, we are looking at some important facts such as: Observability in different environment, vulnerability exploit, use of privilege escalation techniques, some misconfigurations or maybe no good

Read More