This Metasploit module leverages a flaw in runc to escape a Docker container and get command execution on the host as root. This vulnerability is identified as CVE-2019-5736. It overwrites the runc binary with the payload and waits for someone to use docker exec to get into the container. This will trigger the payload execution. Note that executing this exploit carries important risks regarding the Docker installation integrity on the target and inside the container.
You May Also Like
CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer
There are patches or remediations for all of them, but they’re still…
- cybersecurityredflag_sdevzw
- July 29, 2021
XCSSET MacOS malware targets Telegram, Google Chrome data and more
XCSSET macOS malware continues to evolve, now it is able to steal…
- cybersecurityredflag_sdevzw
- July 25, 2021
Apache Airflow 1.10.10 Remote Code Execution
Apache Airflow versions 1.10.10 and below suffer from a remote code execution…
- cybersecurityredflag_sdevzw
- June 2, 2021
Ubuntu OverlayFS Local Privilege Escalation
The document in this archive illustrates using the included proof of concept…
- cybersecurityredflag_sdevzw
- May 31, 2021