January 14, 20197 yr Hey guys - wanted you to be aware of this one. Hot off the press today. https://www.cyberark.com/threat-research-blog/how-i-hacked-play-with-docker-and-remotely-ran-code-on-the-host/ repo
January 14, 20197 yr Doesn't look like it will work on unRaid root@4280bb0534ed:/# cat /proc/cmdline BOOT_IMAGE=/bzimage initrd=/bzroot No UUID listed so you won't be able to mount it within the container.
January 14, 20197 yr Author 2 minutes ago, Squid said: Doesn't look like it will work on unRaid root@4280bb0534ed:/# cat /proc/cmdline BOOT_IMAGE=/bzimage initrd=/bzroot No UUID listed so you won't be able to mount it within the container. I don't run any privileged docker containers but would that change if the container was actually ran as privileged? What's interesting is that team is aware of other exploit techniques they chose not to make public.
January 14, 20197 yr Just now, repomanz said: I don't run any privileged docker containers but would that change if the container was actually ran as privileged? What's interesting is that team is aware of other exploit techniques they chose not to make public. That was a privileged container I posted
Archived
This topic is now archived and is closed to further replies.