Docker Registry Listing

By kannthu

Medium
Vidoc Module
#misconfig #docker #devops
Description

What is the "Docker Registry Listing" module?

The "Docker Registry Listing" module is designed to detect misconfigurations in Docker registries. It targets Docker, a popular containerization platform used in DevOps environments. This module has a medium severity level.

Author: puzzlepeaches

Impact

This module helps identify potential security vulnerabilities in Docker registries. By detecting misconfigurations, it helps prevent unauthorized access to sensitive container images and reduces the risk of data breaches.

How does the module work?

The "Docker Registry Listing" module works by sending an HTTP GET request to the "/v2/_catalog" endpoint of the Docker registry. It then applies matching conditions to determine if the response indicates the presence of repositories and if the response header contains the "application/json" content type.

Example HTTP request:

GET /v2/_catalog

Matching conditions:

- The response body must contain the word "\"repositories\":"
- The response header must contain the word "application/json"

If both conditions are met, the module reports a potential misconfiguration in the Docker registry.
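The two matching conditions can be evaluated offline against stored responses, which shows why both are required. This is an added example, not Vidoc's own code: the function names, the extra "auth-required" label and the three raw responses are assumptions constructed for illustration.

```python
# Added example: offline evaluation of the module's two word matchers.
# The raw responses below are constructed samples, not captured traffic.

def parse_response(raw: str):
    """Split a raw HTTP/1.1 response into (status, header block, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, _, header_block = head.partition("\r\n")
    return int(status_line.split()[1]), header_block, body

def registry_listing_match(raw: str) -> bool:
    """Both word conditions from the module must hold (AND)."""
    _, headers, body = parse_response(raw)
    return '"repositories":' in body and "application/json" in headers

def classify(raw: str) -> str:
    """'report' mirrors the module; 'auth-required' is a label added here."""
    status, _, _ = parse_response(raw)
    if registry_listing_match(raw):
        return "report"
    return "auth-required" if status == 401 else "no-match"

# Constructed: registry answering the catalog request without authentication.
OPEN_REGISTRY = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json; charset=utf-8\r\n"
    "\r\n"
    '{"repositories":["example/app","example/db"]}\n'
)
# Constructed: registry that requires authentication. The error body is JSON,
# so the header condition alone would hit; the body condition blocks the report.
AUTH_REQUIRED = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "Content-Type: application/json; charset=utf-8\r\n"
    'Www-Authenticate: Basic realm="Registry Realm"\r\n'
    "\r\n"
    '{"errors":[{"code":"UNAUTHORIZED","message":"authentication required"}]}\n'
)
# Constructed: HTML page that mentions the word but is not a JSON response.
HTML_PAGE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    '<pre>"repositories": see docs</pre>\n'
)

if __name__ == "__main__":
    for name, raw in [("open", OPEN_REGISTRY), ("auth", AUTH_REQUIRED), ("html", HTML_PAGE)]:
        print(name, classify(raw))
```

A registry that returns the 401 response for the catalog request is the configuration the module does not report.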

Reference: https://notsosecure.com/anatomy-of-a-hack-docker-registry

Metadata: max-request: 1

Module preview

Concurrent Requests (1)

1. HTTP Request template

GET /v2/_catalog

Matching conditions (and):

- word: "repositories":
- word: application/json

Passive global matcher: No matching conditions.

On match action: Report vulnerability