Chw00t: Breaking Unices' chroot solutions

Cite

Related Material

Hacktivity

Bucsay, Balázs

Formal Metadata

Title

Chw00t: Breaking Unices' chroot solutions

Title of Series

Hacktivity 2015

Part Number

Number of Parts

Author

Bucsay, Balázs

License

CC Attribution 3.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/18833 (DOI)

Publisher

Hacktivity

Release Date

2015

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Chroot is not a security solution, still lots of people use it as it was one. Based on chroot, Jail was introduced in FreeBSD, Containers in Solaris, and LXC on Linux. However, Unices implemented chroot in different ways. Some of the implementations are easy to break, some of them are just partly breakable but one thing is sure: you would be surprised how many. The presentation focuses on escape techniques and the tool called chw00t, a small handy one that makes it easy to pop shells out of the chroot environment.