Docker Escape / Breakout

Tools

GitHub - PercussiveElbow/docker-escape-tool: Tool to test if you're in a Docker container and attempt simple breakoutsGitHub

Docker breakout :

Mounted Docker UNIX socket.
Reachable Docker network socket (on both default port 2375/2376).
Mountable devices (e.g. host / disk)
CVE-2019-5736

GitHub - stealthcopter/deepce: Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)GitHub

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

GitHub - brompwnie/ed: Ed is a tool used to identify and exploit accessible UNIX Domain SocketsGitHub

Ed is a tool used to identify and exploit accessible UNIX Domain Sockets

GitHub - cdk-team/CDK: 📦 Make security testing of K8s, Docker, and Containerd easier.GitHub

CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs and helps you to escape container and take over K8s cluster easily.

References

Docker Breakout / Privilege EscalationHackTricks

PayloadsAllTheThings/Container - Docker Pentest.md at master · swisskyrepo/PayloadsAllTheThingsGitHub

Previoussu bruteforce

Last updated 2 years ago