bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/local/46359.md
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

658 B
Raw Blame History

Usage

Edit HOST inside payload.c, compile with make. Start nc and run pwn.sh inside the container.

Notes

  • This exploit is destructive: it'll overwrite /usr/bin/docker-runc binary on the host with the payload. It'll also overwrite /bin/sh inside the container.
  • Tested only on Debian 9.
  • No attempts were made to make it stable or reliable, it's only tested to work when a docker exec <id> /bin/sh is issued on the host.

More complete explanation here.

Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/46359.zip