Skip to content

teamssix/container-escape-check

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Container Escape Check 容器逃逸检测

GitHub stars GitHub issues GitHub release img Twitter

container-escape-check

中文 | EN

Introduce

This script is used to detect Docker container escape methods, The following methods are currently supported:

  1. Privileged Mode
  2. Mount docker Socket
  3. Mount host procfs
  4. Mount host root or etc directory
  5. Open Docker Remote API
  6. CVE-2016-5195 DirtyCow
  7. CVE-2020-14386
  8. CVE-2022-0847 DirtyPipe
  9. CVE-2017-1000112
  10. CVE-2021-22555
  11. Mount Host Var Log
  12. CAP_DAC_READ_SEARCH (Requires container to support capsh command)
  13. CAP_SYS_ADMIN (Requires container to support capsh command)
  14. CAP_SYS_PTRACE (Requires container to support capsh command)
  15. CVE-2022-0492

✨ Usage

Run this script with one command in the container.

wget https://raw.githubusercontent.com/teamssix/container-escape-check/main/container-escape-check.sh -O- | bash

Or clone the project to run in the container.

git clone https://github.com/teamssix/container-escape-check.git
cd container-escape-check
chmod +x container-escape-check.sh
./container-escape-check.sh

If it feels good, remember to give the project a little star ✨

⚠️ Notes

  • This script needs to be run inside the docker container.
  • Most of the detection methods here are based on my experience, and there may be false positives or omissions. If you find these problems, please submit an Issue.
  • Some escape methods need to be judged according to the Docker version. I haven't thought of a way to get the Docker version from inside the container, so the script does not support the detection of this method yet.

Changelog

v0.3 2022.4.7

  • Add CVE-2022-0492
  • If the capsh command does not exist, it will be installed automatically
  • Enhanced privileged mode detection
  • Enhanced /var/log detection

v0.2 2022.3.30

  • Add CVE-2017-1000112
  • Add CVE-2021-22555
  • Add Mount Host Var Log
  • Add CAP_DAC_READ_SEARCH
  • Add CAP_SYS_ADMIN
  • Add CAP_SYS_PTRACE

v0.1 2022.3.18

  • Add Privileged Mode
  • Add Mount docker Socket
  • Add Mount host procfs
  • Add Mount host root or etc directory
  • Add Open Docker Remote API
  • Add CVE-2016-5195 DirtyCow
  • Add CVE-2020-14386
  • Add CVE-2022-0847 DirtyPipe

img

About

docker container escape check || Docker 容器逃逸检测

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages