Docker Container Escape Exploits

$299.99

Exploits documenteds for escapar of contenedores Docker:

1. Docker socket mount — Si /var/run/docker.sock is montado: createsr contenedor privilegiado with host filesystem.
2. Privileged container — Escape via mount of host filesystem from contenedor --privileged.
3. CAP_SYS_ADMIN — Abuse of cgroup release_agent for executing commands in the host.
4. CVE-2019-5736 (runc) — Overwrite of /usr/bin/runc in the host from withinl contenedor.
5. Kernel exploits — DirtyPipe (CVE-2022-0847), DirtyCow from withinl contenedor si kernel es vulnerable.
6. Procfs escape — Abuse of /proc/sys/kernel/core_pattern for executing in the host.

Each technique includes: script of detection (soy vulnerable?), exploit functional, and cleanup.

Add to Cart Buy Now

Related Tools