killchain-compendium/enumeration/docs/docker_enumeration.md

22 lines
494 B
Markdown
Raw Normal View History

2021-12-21 17:36:55 +01:00
# Docker Enumeration
## Save Images
* Save image and extract it
```sh
docker save -o image.tar <image-name>
tar -xf image.tar
```
* Run a container from the image and `printenv`
### Manifest
* Read the manifest inside the image extracted
```sh
jq . manifest.json
```
* Read the config JSON file mentioned in the manifest
* Inside this config file there are the shell commands used at building the image
* Snoop around after interesting files, especially inside the root dir in `layer.tar`