0

TL:DR; What are good learning resources for security testing a software which runs with Docker on Ubuntu.

I am in junior position at this company, and they figured it would be good if I just test their software from security perspective. I already learned a bit about hacking, but it was mainly webservers, CTFs, Tryhackme, HTB, so nothing connected to RE or cracking. I don't know how to start, I mean, I found a lot of knowledge about RE on Windows, or CIS Docker Benchmark, but I didn't find any articles, specifically about reverse engineering/cracking on Docker on Linux.

The product is running on Ubuntu 18.04 server, on Docker, installed from a .deb package (Don't know if this helps :) ) What I looking for is some guidance on how to learn about cracking a software which is installed with Docker on Linux. Or what is the most easier or usually more valuable attack vector to look at, I mean, maybe try to crack the licensing, or try to use buffer overflow, how the "average attacker" thinks... Please tell me if I am missing some basics, and it is never mind that I crack/pentest on windows or docker or linux, then I will just start some book or complete course. I understand that it is a broader topic than just following a step by step tutorial, but I have plenty of time for it to learn, so videos, books, articles everything which teaches purposefully Docker/Linux software test would be awesome.

Also, what do you think, which of the following could help to aim in the right direction?

Found some books: https://kalitut.com/Best-reverse-engineering-books/

This can be related, and it was already helpful: Is it possible to escalate privileges and escaping from a Docker container?

Also I found Liveoverflow videos, some related to docker, should I start the whole series? https://www.youtube.com/watch?v=cPGZMt4cJ0I&list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN&index=55&ab_channel=LiveOverflow

Thank you very much in advance.

schroeder
  • 125,553
  • 55
  • 289
  • 326

1 Answers1

1

Use a debugger! Dynamic analysis is an exceptional way to learn how a "product" works. What do you mean with "cracking a software which is installed with Docker on Linux"? It depends on which technology make that software run on the Linux OS. Is it an ELF? It is a Java JAR? A shell script? Basically, reverse engineering is about understanding how the software is running and what it does, but it really depends on which kind of software you want to analyze.

frenkie
  • 23
  • 3