Skip to content

Linux Privilege Escalation - docker

Automatic Enumeration & Escape

  • linPEAS: It can also enumerate containers
  • cdk: This tool is pretty useful to enumerate the container you are into even try to escape automatically
  • amicontained: Useful tool to get the privileges the container has in order to find ways to escape from it
  • deepce: Tool to enumerate and escape from containers
  • grype: Get the CVEs contained in the software installed in the image

List Docker mounted volumes from within the container

mount | grep ^/dev/ | grep -v /etc | awk '{print $3}'