From YouTube: Windows came second
All right, thank you, everyone, for joining us today and bearing with us through a couple of microphone issues, but we are ready to roll. Welcome to today's CNCF live webinar, "Windows Came Second." I'm Libby Schultz and I'll be moderating today's webinar. I'm going to read our code of conduct and then hand it over to Daniel Prizmant, senior security researcher at Unit 42 with Palo Alto Networks.
A few housekeeping items before we get started. During the webinar you're not able to speak as an attendee, but there's a Q&A box that we have been using already at the bottom of your screen, or the right side, rather. Please feel free to drop questions there and Daniel will get to as many as he can at the end. This is an official webinar of the CNCF and, as such, is subject to the CNCF code of conduct.
Please do not add anything to the chat or questions that would be in violation of that code of conduct, and please be respectful of all of your fellow participants and presenters. Please also note that the recording and slides will be posted later today on the CNCF online programs page at community.cncf.io, under Online Programs. They're also available via your registration link, and the recording will be available on our Online Programs YouTube playlist.

It abused the issue I am going to talk about today to break out of the container barrier and escape to the host, which is less protected. From there it tried to use the Kubernetes config file, which is only accessible from the host, to spread to the rest of the cluster, escaping the Windows machine itself. It spread to the rest of the cluster, so if the cluster had
Okay, now that we have the proper motivation, let's begin. So, what are containers? I know this is a cloud event, so most people here probably know what a container is, but I will go over it quickly, just in case. A container is basically an operating-system-based virtual machine, meaning it runs inside the operating system, with the same kernel as the operating system. It uses operating system features to isolate the virtual machine from the rest of the system.
Unlike regular virtual machines, which are completely separate operating systems, containers can't run just anything: the desired container must match the operating system's version. So, for example, you won't be able to run Windows containers on a Linux machine. And one of the most important features of containers is that they pack all the necessary files to run the application.
So, for instance, if you have a special application with special dependencies, you can pack it all in a lightweight container and send it to the end user. Let's go over what the difference is between containers and virtual machines. The main difference is that containers rely on the operating system for their isolation, while virtual machines rely on the hardware. Virtual machines virtualize everything, including the kernel, while containers run on the same kernel as their host. Because of that, containers are much more portable and efficient.
Okay, diving deeper into the internals of containers. Here we are only talking about Linux internals for now. What needs to be contained? Well, obviously, you would want to limit the container's access to resources such as CPU, RAM, network bandwidth, disk bandwidth and such. This is done using a feature called cgroups.
This feature allows us to limit resource usage for a group of processes. You would want to limit the visibility the containers have, too. If we would only limit resources, nothing would stop a malicious container from just changing its own resource limitations, and for that we would also want to limit the container's visibility to some of the host objects, such as processes, network interfaces, users, mounts and such, and this is done using a feature called namespaces.
Okay, but this talk is about Windows containers, so let's move forward to Windows. In order to create a good solution for containers in Windows, the same requirements I talked about in the last slide need to be implemented here.
In the Windows operating system, without getting too deep into this mechanism, suffice it to say that all application-visible named objects, such as files, registry keys, events, mutexes, RPC ports, stuff like that, are hosted in a root namespace, which allows applications to create, locate and share these objects among users. The key here is named objects: any object that you can access from your code using a name is a named object, usually.
and stuff like that, but there are other things. Okay, so take a look at this screenshot from the object application. There is an application called WinObj; it shows you the root directory object. It's by Sysinternals, and it shows the root directory object perfectly. As you can see on the left, there are many directories under the root directory object, and under GLOBAL?? there are tons of symbolic links, including the C: letter.
You are accessing your C: drive on your Windows machine; it is in fact a symbolic link to the actual device, and, as you can see, there are many more symbolic links over there, but the most relevant to us is indeed the C: link, which points to the actual file system device, which in this case is HarddiskVolume3. In this screenshot you can see the root directory object of the host and not a container.
Okay, let's move on to an actual example of how the directory object is used in simple CreateFile code. So the CreateFile API receives a file path and returns a handle to the file. The process can read, write or do other actions with that handle, depending on the permissions the process asked for when calling CreateFile.
This is done in user mode before the call arrives at the kernel, and after that, in the kernel, the kernel queried that global C: path in the root directory object that I showed earlier and received the destination of that symbolic link. It then queried that destination it received from the symbolic link, still under the root directory object, but this time the parsing ends with an actual device and not a symbolic link. So the parsing is over at this point, having an actual device.
Okay, so before giving an example of a file access from inside a container, let's discuss how the system decides that a call comes from a container. As you can see on the left, there are plenty of functions that can decide if a call comes from a silo or not, and the kernel uses different functions in different scenarios, but
in case the kernel decides a call comes from a container, it queries the path we saw before, the global C: path, relative to the silo's subdirectory inside the root directory object, and this will happen on every access of a named object such as a file. So, as you can see on the right, it will try to query and parse the symbolic link relative to the Silos\804 subdirectory instead of from the root directory object.
Okay, so in this case, from IDA, you can see the branch in the kernel where it decides if the path will be queried in the actual root directory object or in the silo's subdirectory in the root directory object, and this is done using the PsGetPermanentSiloContext function, which is one of the many functions that I showed earlier by which the kernel decides if the call comes from a silo or not.
Accessing a file from a container: as before, we are accessing a file named secret.txt under the C: drive, but this time from inside the container. I'm skipping the user mode part, where the API adds the global part before the C: letter, because we covered it already, and jumping straight to the kernel part.
Okay, but take a look at the screenshot, and this is the interesting part: that virtual hard disk device isn't a device at all. It's a symbolic link which points to itself, a symbolic link. So we end up in an infinite loop, because we query a symbolic link whose target is the same symbolic link.
So we will query it again and get the symbolic link again, and this was the point of my research when I realized there is something I'm missing here, because the request to the file was successful and I was able to read and write to the file in my container, so it was obviously working, but on the other hand it looked like we should have been stuck in an infinite loop. So, what's going on here?
what the requirements are: every container, either in Linux or in Windows, needs to be able to communicate with some of the host devices. It can be a screen to show output, or a network device, or a file system.
So, in the way Windows works, some of the symbolic links must point to the device in the host root directory object for the container to work. Otherwise, the container won't have any access to anything. So, for example, the virtual file system is eventually just a path in the host file system, and the container must have access to that path. So it must have some access to the host file system device, and we are getting closer to the actual escape.
I promise. The way it is done in Windows is that a process with the right permissions can set a symbolic link as global.
Okay, so in this screenshot you can clearly see the condition, where EAX holds one of the symbolic link's parameters, the one that holds whether a symbolic link is global or not. If it is, the execution will take the right branch and will retrieve the root directory object from a global variable in the kernel, and if not, it will take the left branch and then will have to get the silo context first. As you can see, the left branch calls PsG
doesn't have those permissions, but lucky for us, there is another process in the container scope, meaning it is visible to the container's user, called CExecSvc.exe, and this process has in fact SeTcbPrivilege, among other privileges. And lucky for us again, by default the normal container user is administrator.
It's not global, and it points to our local containerized C: drive, which doesn't help us. Then we call NtSetInformationSymbolicLink with our newly created symbolic link to make this symbolic link global, and at this point we have full access to the host C: drive by using our local X: drive, and from there the possibilities are endless.
Okay, so I'll explain it again, a bit slower. We create a symbolic link; it's not global yet. We then name it X and we make it point to C:, and so we basically have a redundant symbolic link X that points to a symbolic link C: inside a container. After that we call NtSetInformationSymbolicLink, because we impersonated a process that has the permissions, and we give it the parameter: we give the NtSetInformationSymbolicLink function X, and it makes it global.
In this graph you can see how Siloscape, the malware, operated from the beginning. After finding a vulnerable cluster using services like Shodan, it used known one-days to get its payload into the Windows container. It then used the container escape I described to get access to the host, and after that it used the Kubernetes config file to get control of the rest of the cluster.
It specifically targeted Kubernetes using Windows containers. After breaking out of the container and gaining access to the host, it issued a Kubernetes command to see its permissions in the cluster, and if it didn't have enough permissions to create other deployments, it just quit and didn't even use that cluster. So what I was thinking: it tried to just gain free processing power, and if it can't deploy new containers, it doesn't help it very much. So how are
Even if the cluster is configured properly, someone that broke out of the container to the host will be able to control the containers that this particular host is hosting. As
did, and an attacker could possibly spread to the rest of the cluster as well if the cluster is not well configured. Another possibility is the whole container-as-a-service case. Imagine a cloud provider offering Windows containers as a service, and not as part of an entire cluster. An attacker can host a malicious container, break out of his own container and gain access to other customers' private containers. I'm not saying I found out something like that happened or is happening; I just think it can be done. Okay, let's
The timeline: as you can see in the timeline, Windows containers were vulnerable to this issue for quite some time, almost five years since release. But the more important issue here is that Windows containers were vulnerable to this escape over
after it was made public, and during this time anything that uses Windows containers was vulnerable too, as a byproduct. As we saw, there were players in the community, like, for example, Siloscape, that used this vulnerability that was made public to gain free processing power.
as well. So there is a special variable you can set in your YAML to run your applications as ContainerUser instead of administrator, and this was a possible solution for cloud providers while waiting for a fix from Microsoft: simply changing the default user inside a container. So if I'm a cloud provider right now and I'm letting
users create Windows containers inside the cluster, but I don't want them to be vulnerable, I could change the default user of the Windows container to ContainerUser until Microsoft fixes this issue. And third, update your Windows host. This is mostly relevant for cloud providers, and not the user, or for users who are running their own cloud environment on their own machine, so keep your Windows host updated and
And again, this is relevant for both users and cloud providers: configure your Kubernetes properly. So, for example, in the case of Siloscape, it managed to break out of the container to the host and spread in the entire cluster. As I see it, there is no reason for a specific host to be able to create deployments on other hosts, and that's what happened with Siloscape.
Let the kernel decide if the process or thread comes from a silo or not, which, as its name suggests, checks whether the current thread is associated with a process inside a silo. On the right you can see how the function looks after the patch, and on the left how it looked before the patch. So they simply added the condition to check; it makes sense to check if the process that's calling NtSetInformationSymbolicLink
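The workaround the speaker recommends for cloud providers, running Windows pods as ContainerUser instead of the default ContainerAdministrator, written out as a Kubernetes manifest. This is an added example by the editor, not a slide or code from the talk; the pod names and image are placeholders, and the `runAsUserName` field under `securityContext.windowsOptions` is the Kubernetes setting the speaker refers to as "a special variable you can set in your YAML".

```yaml
# Added example (not from the talk). Two pod specs for a Windows node:
# the first leaves the default in-container user, which for the stock
# Windows base images is ContainerAdministrator (the account the talk
# says can reach CExecSvc.exe and its SeTcbPrivilege); the second pins
# the user to ContainerUser, the interim mitigation described above.
# Names and the image tag are placeholders chosen for illustration.
---
apiVersion: v1
kind: Pod
metadata:
  name: win-default-user        # weak: runs as ContainerAdministrator
spec:
  nodeSelector:
    kubernetes.io/os: windows
  containers:
    - name: app
      image: mcr.microsoft.com/windows/servercore:ltsc2019   # placeholder
      command: ["cmd", "/c", "whoami && ping -t localhost"]
---
apiVersion: v1
kind: Pod
metadata:
  name: win-containeruser       # hardened: unprivileged container user
spec:
  nodeSelector:
    kubernetes.io/os: windows
  securityContext:
    windowsOptions:
      runAsUserName: "ContainerUser"   # pod-wide default for all containers
  containers:
    - name: app
      image: mcr.microsoft.com/windows/servercore:ltsc2019   # placeholder
      securityContext:
        windowsOptions:
          runAsUserName: "ContainerUser"   # per-container override, same value
      command: ["cmd", "/c", "whoami && ping -t localhost"]
```

To check the effect, `kubectl exec win-containeruser -- whoami` should report `user manager\containeruser` rather than `user manager\containeradministrator`. This only removes the easy route the talk describes (an administrative container user impersonating CExecSvc.exe); it does not fix the kernel-side symbolic-link check, so the host patch is still required. To cover the second recommendation, that a node's credentials should not be able to create deployments, `kubectl auth can-i create deployments --as=system:node:<node-name> --as-group=system:nodes` should answer `no` when the Node authorizer and NodeRestriction are in place.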