forked from Ne0nd0g/merlin
-
Notifications
You must be signed in to change notification settings - Fork 114
Mount Breakout
yanivyakobovich edited this page Jan 17, 2022
·
1 revision
Requirements:
- Running as root in the container, also in the host. By default docker container runs with the same user NS, if the container is running in a different user NS then the root must be mapped to root. If the running user is not Root then the device must have a user option within the
/etc/fstab
in the root file system device, otherwise, only the root will be able to mount the device - CAP_SYS_ADMIN which allow the mount syscall
- Root file system device mounted within the container
Exploit:
- Find the root file system device
- Mount the device in the container
Wish to contribute module?
Exploit Module Guide
- cGroup Breakout
- Mount Breakout
- DockerSock Breakout
- Kubelet Attack
- Var Log Escape
- Kernel Module Breakout
Other Modules