Home / exploitsPDF  

Docker Privileged Container Kernel Escape

Posted on 06 May 2024

This Metasploit module performs a container escape onto the host as the daemon user. It takes advantage of the SYS_MODULE capability. If that exists and the linux headers are available to compile on the target, then we can escape onto the host.

 

TOP