Hacking a Docker Container Registry
Summary
TL;DR: This video explores the CVE-2019-16097 vulnerability in the open-source Harbor container registry application. It demonstrates how non-admin users could abuse the API to create admin accounts, a flaw patched in version 1.7.6. It guides viewers through setting up a vulnerable version, exploiting the vulnerability, and shows the fix in the updated version. The video also promotes Chainguard, a platform for securing open-source software, highlighting the importance of vigilance in software security.
Takeaways
- 📚 The video discusses CVE-2019-16097, a vulnerability in the open-source container registry application Harbor.
- 🔍 The vulnerability allowed non-admin users to create admin accounts via the API when Harbor was set up with a database as the authentication backend and self-registration was enabled.
- 🛠️ The issue was patched in versions 1.7.6, 1.8.3, and 1.9.0, and the video demonstrates how to explore and exploit the vulnerability in earlier versions.
- 💻 The video provides a step-by-step guide on cloning the Harbor repository from GitHub and setting up a local instance to explore the vulnerability.
- 🔑 The script includes a demonstration of how to exploit the vulnerability using a Python script to send a crafted API request to create an admin account.
- 🔒 The video emphasizes the importance of security in open-source software and the role of community and developers in identifying and patching vulnerabilities.
- 👷‍♂️ The Harbor project is actively maintained, with recent commits and releases, showing the project's ongoing commitment to security and improvement.
- 🎥 The video is sponsored by Chainguard, a company focused on securing open-source software, highlighting the industry's efforts to improve software security.
- 🚀 The video serves as an educational resource, demonstrating not only the technical aspects of a vulnerability but also the process of responsible disclosure and remediation.
- 🔄 The script walks through the process of checking out a specific version of the Harbor software to replicate the vulnerability, showcasing the importance of version control in security research.
- 🛑 The video concludes with a reminder of the potential impact of vulnerabilities like CVE-2019-16097, emphasizing the need for continuous security practices and updates.
Q & A
What is the CVE number discussed in the video?
-The CVE number discussed in the video is CVE-2019-16097.
What is the name of the open-source software project discussed in the video?
-The open-source software project discussed in the video is Harbor.
Where can the Harbor project be found online?
-The Harbor project can be found online at GitHub under the repository 'goharbor/harbor' and on their website at 'goharbor.io'.
What is the nature of the vulnerability in Harbor that the video discusses?
-The vulnerability allows non-admin users to create admin accounts with a single POST request to the Harbor API when Harbor is set up with the database as the authentication backend and allows users to self-register.
Which versions of Harbor were fixed to address the vulnerability?
-The vulnerability was patched in versions 1.7.6, 1.8.3, and 1.9.0 of Harbor.
How can one clone the Harbor repository?
-One can clone the Harbor repository using the command 'git clone' followed by the repository's URL from GitHub.
What is the default admin password for Harbor mentioned in the video?
-The default admin password for Harbor mentioned in the video is 'Harbor12345'.
What is the sponsor of the video, and what do they offer?
-The sponsor of the video is Chainguard, which offers the largest library of secure, containerized open-source software and helps ensure compliance and confidence in open-source software.
What is the purpose of the video regarding the Harbor vulnerability?
-The purpose of the video is to provide an educational demonstration of the vulnerability, showcase how it can be exploited, and highlight the importance of open-source software security.
How does the video demonstrate the exploitation of the Harbor vulnerability?
-The video demonstrates the exploitation by creating a Python script that sends a JSON request to the Harbor API with an added 'has_admin_role' property set to true, which allows the creation of an admin account.
What was the impact of the vulnerability when it was discovered?
-When the vulnerability was discovered, there were about 1300 Harbor registries open to the internet with the vulnerable default setting, potentially allowing attackers to delete images, poison the registry, or take over the entire instance.
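The flaw the Q&A describes is a classic mass-assignment bug: the self-registration endpoint decoded the client's JSON straight into the stored user record, so an extra `has_admin_role` field in the body was honoured. The following Go example is added here to illustrate that failure mode next to its fix; it is not Harbor's code, and the `User` and `selfRegistration` types, the `VulnerableRegister` and `HardenedRegister` functions, and the constructed `CraftedBody` request are all assumptions made for the demonstration.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
)

// User mirrors the shape of a stored registry account. The field names are
// assumed for this example and are not Harbor's actual data model.
type User struct {
	Username     string `json:"username"`
	Email        string `json:"email"`
	Password     string `json:"password"`
	HasAdminRole bool   `json:"has_admin_role"`
}

// VulnerableRegister shows the mass-assignment pattern: the self-registration
// body is decoded directly into the persisted model, so every field the client
// chooses to send, including has_admin_role, ends up in the stored record.
func VulnerableRegister(body []byte) (User, error) {
	var u User
	if err := json.Unmarshal(body, &u); err != nil {
		return User{}, err
	}
	return u, nil
}

// selfRegistration is the only shape an unauthenticated caller is allowed to
// submit. Privilege fields simply do not exist on it.
type selfRegistration struct {
	Username string `json:"username"`
	Email    string `json:"email"`
	Password string `json:"password"`
}

// HardenedRegister decodes into the narrow DTO, rejects any field it does not
// know about, and builds the stored user server-side with admin always false.
func HardenedRegister(body []byte) (User, error) {
	dec := json.NewDecoder(bytes.NewReader(body))
	dec.DisallowUnknownFields() // unexpected keys such as has_admin_role fail decoding
	var req selfRegistration
	if err := dec.Decode(&req); err != nil {
		return User{}, fmt.Errorf("rejecting self-registration: %w", err)
	}
	if req.Username == "" || req.Password == "" {
		return User{}, errors.New("username and password are required")
	}
	return User{
		Username:     req.Username,
		Email:        req.Email,
		Password:     req.Password,
		HasAdminRole: false, // role is never taken from client input
	}, nil
}

// CraftedBody is a constructed request body of the kind the video describes:
// an ordinary sign-up with an injected has_admin_role flag.
const CraftedBody = `{"username":"newuser","email":"newuser@example.test","password":"Passw0rd!","has_admin_role":true}`

func main() {
	u, err := VulnerableRegister([]byte(CraftedBody))
	fmt.Printf("vulnerable: admin=%v err=%v\n", u.HasAdminRole, err)

	u, err = HardenedRegister([]byte(CraftedBody))
	fmt.Printf("hardened:   admin=%v err=%v\n", u.HasAdminRole, err)
}
```

Rejecting the request outright (rather than silently dropping the unknown key) is a deliberate choice: a registration body carrying a privilege field is worth logging and alerting on, because a legitimate client never sends it. Either way, the essential fix is that the role of a self-registered account is decided by the server, never by the request.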