[Container Detection] .dockerenv

by skyper 1 year ago

GNU/Linux ◆ screen-256color ◆ bash 326 views

Container technologies (chroot, LXC, …) are very common these days, especially since the massive adoption of Docker.

One of the use cases of container technologies is to isolate services from each others and from the host system. As a result, in case of an intrusion the attacker is in theory trapped inside a container. From the attacker’s perspective, it is important to be able to detect if a compromised service lives in a restricted environment such as a Docker container or if it runs directly on the host operating system.

When containers are created by a Docker Engine, this last one adds a /.dockerenv file into them. The presence of this file is even used to this date by some underlying components of the Moby project for the exact same purpose, knowing if they run inside a container.

More by skyper

Faker Wi-Fi ESSID - Demo 00:46

by skyper 5 years ago

[Container Detection] cgroup 00:18

by skyper 4 years ago

ProbeQuest - Demo 00:30

by skyper 5 years ago

[Container Detection] inode 00:15

by skyper 4 years ago

See all

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay the downloaded recording in your terminal using the asciinema play command:

asciinema play 573103.cast

If you don't have asciinema CLI installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from the releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '/assets/573103.cast',
      document.getElementById('player'),
      { cols: 101, rows: 24 }
    );
  </script>
</body>
</html>

See asciinema player quick-start guide for full usage instructions.

While this site doesn't offer GIF conversion at the moment, you can still do it yourself with the help of asciinema GIF generator utility - agg.

Once you have it installed run the following command to create GIF file:

agg https://asciinema.org/a/573103 573103.gif

Or, if you already downloaded the recording file:

agg 573103.cast 573103.gif

Check agg --help for all available options. You can change font family and size, select color theme, adjust speed and more.

See agg manual for full usage instructions.