DEF CON 31 – Staying Undetected Using the Windows Container Isolation Framework – Daniel Avinoam

The use of containers became an integral part of any resource-efficient and secure environment. Starting from Windows Server 2016, Microsoft released its version of this solution called Windows Containers, which offers either a process or Hyper-V isolation modes.

In both cases, an efficient file system separation should be provided. On one hand, each container should be able to access system files and write changes that will not affect the host. On the other, copying the entire main volume on each container launch will be storage-inefficient and not practical.

In this presentation, we will cover the basics of windows containers, break down its file system isolation framework, reverse-engineer its main mini-filter driver, and see how it can be utilized and manipulated by an actor to bypass EDR products in multiple domains. Eventually, we will provide an open-source tool based on these findings.

This technology caught my attention for several reasons:

Containers and virtualization solutions are everywhere, and their internal workings are not well documented.
Actors often search for ways to escape containers. The idea of intentionally entering into one in order to evade security products has yet to be explored.
This framework doesn’t require any prerequisites and comes as default in every modern Windows image! (the part which we will abuse, at least).