Bypassing API firewall : Unchecked JSON Structure and Attribute
Behind the scene, when you use Docker client, Docker client send HTTP request to communicate with the docker deamon via a REST API. But you can directly communicate with the API without the client. For example, the command docker ps is equivalent to GET /containers/json. Everything the Docker client can do can be done directly with the API.
For performing various checks, the docker firewall follows the JSON structure provided in the official docker API engine documentation. Some misconfigurations in the firewall can be exploited by providing the docker socket with a different JSON structure than the one sent by the docker client. Here an example in the following video, where an attacker uses this technique to escalate to the root user on the host machine.
In another scenario, an attacker can leverage the fact that some JSON attributes can not be set from the docker client and therefore not verified by the docker firewall. This misconfiguration in the firewall can be leveraged to run a container with additional privileges, capabilities. Here an example with the SYS_MODULE capability :