Exploit: check ptrace

Exploit: check-ptrace

检查容器内部是否存在cap=SYS_PTRACE权限，存在该权限并且挂载宿主机的PID空间时，可以在容器环境内注入宿主机进程进行逃逸。该脚本将检查内部是否存在cap=SYS_PTRACE权限，同时打印容器内部进程列表。

Checking if container has cap=SYS_PTRACE capability, containers which have both this capability and host PID namespace shared (--PID=host) can be escaped by process injection.
This scripts will check if container has cap=SYS_PTRACE capability then print process information.

Further Exploit: https://github.com/gaffe23/linux-inject

Usage

./cdk run check-ptrace

Example

./cdk run check-ptrace

Exploit: check ptrace

Clone this wiki locally

Exploit: check-ptrace

Usage

Example