Skip to content
/ Docker-API-Remote-Root-Shell-Exploit Public

A Simple Python Program that uses Docker Module to communicate with Docker API and gets a Remote Root Shell on the Target Device

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Gill-Singh-A/Docker-API-Remote-Root-Shell-Exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
assets/images
assets/images
 
 
README.md
README.md
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Docker API Remote Root Shell Exploit

A Simple Python Program that uses Docker Module to communicate with Docker API and gets a Remote Root Shell on the Target Device

Requirements

Language Used = Python3
Modules/Packages used:

  • os
  • docker
  • paramiko
  • socket
  • random
  • string
  • base64
  • getpass
  • datetime
  • subprocess
  • optparse
  • multithreading
  • colorama
  • time

Install the dependencies:

pip install -r requirements.txt

Setup

After installing Docker on your local device, run the following commands as root user

docker pull ubuntu:20.04
docker save ubuntu:20.04 -o ubuntu_image.tar
chmod 666 ubuntu_image.tar

Working

Working of Exploit

Result

After Successful Exploitation, we can directly ssh to the target device as root user or the provided user.

Note

This Method won't work if the Docker API is password Protected or when Docker is run with non-root user.

About

A Simple Python Program that uses Docker Module to communicate with Docker API and gets a Remote Root Shell on the Target Device

Topics

python docker ssh exploit

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages