Docker Privileged Container Escape, A container run with --privileged has almost all capabilities of the host. If somehow you find that the docker socket is mounted inside the docker container, you will be able to escape from it. We will review three different docker breakout scenarios. socket), and every user 2 core components: dockerd (docker deamon) Communicates with the kernel and provides functionality such as creating containers, etc. Unlike regular containers, these containers have root privilege to the host machine. Privileged containers might allow attackers to break out of the container and gain control over the host system. Tryhackme Matryoshka Docker Container Escape - Detailed Analysis & Overview In this video, I go through Advent of Cyber Day 14 – Support my work on Patreon: In this detailed Learn how to Hamlet TryHackMe Walkthrough & Docker Container breakout Privilege escalation Escaping Docker containers privesc: Tryhackme Hamlet Walkthrough - step by step with explanations TryHackMe: Privileged Docker containers are containers that are run with the --privileged flag. Detection with Falco, hardening with seccomp and AppArmor. In the context of containers. Best practices for securing Docker containers before production deployment include using trusted base images, regularly updating and scanning container images for vulnerabilities, CVE-2026-5752 CVSS 9. This guide explains container enumeration, privilege escalation, and host compromise methods used in real This was first shown to be an issue in Docker containers by Sebastian Krahmer with shocker exploit. For privilege escalation with root containers Default capabilities in Docker container V20. 3. A user on a Docker host who has access to the docker group or privileges to sudo docker commands is effectively root (as you can do things like use docker to run a privilieged container or The privilege escalation might have occurred only within a containerized environment, leaving the underlying host—and the true crown jewels—untouched. It affects Docker < 18. Container escape is a security risk in which malicious players can leverage containerized apps. For example, an external attacker who has gained low-privilege access to a container will attempt to Docker Escape: Breaking Out of Containers A practical guide to Docker container escape techniques, covering misconfigurations, privileged containers, capability abuse, and kernel exploits. But as with any good prison, there are ways to escape if you know where to look. socket), and every user Introduction: In this post, I present a series of offensive techniques and real-world misconfigurations encountered while exploring containerized environments, particularly Docker and The ability to read this file (restricted to privileged users) can leak memory contents from the host system and other containers. However, privileged docker containers can enable attackers to take over the Learn practical Docker escape techniques used by attackers and red teamers. In other words, Namespaces are the core technology that enables containerization. When you run containers Master Docker container escape techniques: detecting container environments, Docker socket abuse, privileged container escape via nsenter, cgroups v1 release_agent exploitation, If somehow you find that the docker socket is mounted inside the docker container, you will be able to escape from it. Learn how Docker container escape attacks work, common vulnerabilities exploited in 2025, and best practices to secure container isolation effectively. Escape Docker containers and escalate to root on the host via privileged containers, mounted docker socket, --pid=host, and cgroup v1 release_agent techniques. 1 today. Deep-dive into the risks and how to prevent privilege escalation. Cyera Research identifies CVE-2026-34040, a critical Docker bypass. Privileged containers However, privileged Docker containers can enable attackers to take over the host system. Investigating Potential Docker Escape via Nsenter Docker containers use namespaces to isolate processes, ensuring they operate independently from the host system. 3 release: Fixed CVE-2025-9074 where a malicious container running on Docker Desktop could access the Docker Engine and launch A proof-of-concept demonstrating how a fully unprivileged container can achieve node-level code execution on Kubernetes by exploiting the CVE-2026-31431 Linux kernel page-cache corruption bug An attacker with permission to run workflows on a Docker-backed Gitea act_runner can escalate privileges by creating containers with host namespaces and elevated capabilities despite By bind-mounting the Docker Unix socket and statically linked Docker binary (refer to get the Linux binary), you give the container the full access to create and manipulate the host's Docker daemon. g. Any code in that container can fully compromise the host. Privileged docker containers are containers that are run with the --privileged flag. 2 core components: dockerd (docker deamon) Communicates with the kernel and provides functionality such as creating containers, etc. 0 | Severity: CRITICAL | CVSS: 9. The privilege escalation might have occurred only within a containerized environment, leaving the underlying host—and the This vulnerability allows a malicious container image to overwrite the runc binary on the host during container execution. The profile also denies mount syscall. We expose the API via a simple file (docker. This usually happen in docker containers that for some reason need to connect to In fact, --privileged provides far more permissions than needed to escape a Docker container via this method. Time to break out to the Docker host. A new Capture The Flag (CTF) machine, developed for CrowSec EdTech, provides a hands-on environment to practice critical advanced techniques, including Linux privilege escalation, Docker Mounting docker. In fact, --privileged provides far more permissions than needed to escape a Docker container via this method. In reality, the "only" requirements are: You must be running as root inside the container. This exploit should work against We provide a technical analysis of a container abuse attack that features a payload that’s specifically crafted to be able to escape privileged Docker containers. This challenge, known as container Container Architecture Overview The key thing to understand: containers share the same kernel with the host system. sock) lets your container control the Docker Full container capabilities (--privileged) The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. The large reported file size represents the maximum amount of physically Infrastructure testing Breakout Docker escape dockers which running with '--privileged' or '--cap-add=SYS_ADMIN ' parameters could be exploited to gain access to the underline system from the This module escapes from a privileged Docker container and obtains root on the host machine by abusing the Linux cgroup notification on release feature. The secondary goal is to use the host system-level access to Escape to Host enables adversaries to bypass container security measures, often allowing them to gain access to the host system’s resources. An attacker A vulnerability in Docker Desktop was fixed on August 20 in the 4. Comprehensive guide covering Docker escapes, misconfigurations, and privilege escalation techniques including privileged containers, Docker socket abuse, and sensitive mounts. This usually happen in docker containers Privilege Escalation using Docker Container Background In many companies, employees are often provided with a workstation that has limited user privileges. RULE #2 - Set a user Configuring the container to use an unprivileged user is the best way to prevent privilege escalation attacks. 262. Escape the container and dominate the Node. For example, an attacker with access to a Kubernetes API token can enumerate permissions and deploy a privileged pod designed for container escape. When you run containers Misconfigured volume mounts and privileged containers Mounting sensitive host paths into containers creates direct escape vectors that attackers can exploit. Docker can run commands as the root user if you want, but it also offers a similar flag called Privileged. This shared kernel is both the source of containers’ efficiency and their Trail of Bits recently completed a security assessment of Kubernetes, including its interaction with Docker. For example, in Docker, each container runs in its own namespace, isolating its processes from the host and from other containers. This usually happen in docker containers that for some reason need to connect to Learn how to configure Portainer and Docker to prevent container escape attacks by disabling dangerous capabilities, privileges, and mount options. It’s one of those things we all learn early on Does running a container with privileged mode turn on allow code to escape into the Host ? From docker's docs: The --privileged flag gives all capabilities to the container, and it also lifts all the Privileged Containers: Running with — privileged effectively disables isolation. A privileged container can be created with the flag --privileged or disabling specific defenses: The --privileged flag significantly lowers container security, offering unrestricted device access and In modern penetration testing, achieving root access can be a deceptive victory. Today, let’s look at how attackers can escape privileged containers. This is done with Linux namespaces, however, making it much more lightweight Container security, docker. 6) - A privilege escalation and Docker container escape vulnerability that's caused by unsafe default mounting of host binary paths Privileged containers are often used when the containers need direct hardware access to complete their tasks. 📖 Story You've compromised the Jenkins agent container. LAB: Privileged Container In this lab, the docker container is running in privileged mode. however, this is very different from root usage, and it's Mount Points Docker Specific LXD Specific LXD Hooks Privileged Containers All bets are off with privileged containers, to test out creating one we want to do the following If you have either root Learn how container privilege escalation vulnerabilities work, the risks they pose, and steps to prevent attackers from gaining unauthorized access. It allows a user that is running in a Docker or Kubernetes container to escape the container and run a binary of their Container isolation is not a security boundary by default. The container runs with --privileged flag. In the following page you can learn more about linux capabilities and how to abuse them to escape/escalate privileges: A privileged container can be created with the flag --privileged or Privileged containers are often used when the containers need direct hardware access to complete their tasks. If possible, avoid running Docker containers with the --privileged flag. You might be able to do complicated things with namespaces to escape a privileged container, but then you're not really 🎯 Goals The goal of this scenario is to escape out of the running docker container on the host system using the available misconfigurations. This usually happen in docker containers that for some reason need to connect to Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE) enumeration exploits privilege-escalation privilege-escalation-exploits container-escape deepce docker-enumeration This tool is extremely useful for enumerating the container you are in and can even attempt an automatic escape, making it easier to explore and privilege escalate in Docker If you want the deep dive on how Docker isolation works (namespaces, cgroups, and all that), check out Chapter 1 of the Docker Security series. The Part 2: Privileged Container Part 3: Docker Socket Intro This is the second post of my container breakout series. If a container is run with privileged mode or with --cap-add=SYS_ADMIN using docker run , but the user inside the container is non-root, what kind of security escape risks will be encountered, Many containers are internet-facing, which poses an even greater security risk. 09. This can be accomplished in three different ways as follows: During 📖 Story You've compromised the Jenkins agent container. This is a very well known trick used when the configuration let too many accounts run docker, and you will have to do it Escape Docker containers and escalate to root on the host via privileged containers, mounted docker socket, --pid=host, and cgroup v1 release_agent techniques. sock and runtime escape Most DevOps engineers know that running containers with the privileged flag is dangerous. After the discussion on how to escape from a system with access only to Another option is to use the Metasploit module Docker Privileged Container Escape, which uses the same exploit to upgrade a shell received from a container to a shell on the host. The most common escape involves mounting the host's cgroup and using the release_agent. The Docker Breakout Mounted docker socket If somehow you find that the docker socket is mounted inside the docker container, you will be able to escape from it. Mount Escapes: Sharing host directories (e. Learn how 1MB+ requests silence security plugins and how to patch Docker Engine 29. • Keep your Docker images Misconfigured volume mounts and privileged containers Mounting sensitive host paths into containers creates direct escape vectors that attackers can exploit. This usually happen in docker containers that for some reason need to connect to Comprehensive guide covering Docker escapes, misconfigurations, and privilege escalation techniques including privileged containers, Docker socket abuse, and sensitive mounts. As you have realized in the previous post how privileged Docker Containers › Docker Production Guide › Docker Container Escape Risks Container escape is the process of breaking out of a container's isolation mechanisms and gaining Docker allows you to build and run containers that hold an application in an isolated environment, similar to a Virtual Machine. Felix Wilhelm’s recent tweet of a Proof of Concept (PoC) “container escape” In this article, I talk about a classic privilege escalation through Docker containers. In Part Three, we chain an SSTI vulnerability with the --privileged flag to break out of the container and execute code directly on the The vulnerability was a bug in the Linux kernel feature called control groups (cgroups). Learn the escape techniques attackers use - privileged containers, mounted Docker sockets, kernel exploits, cgroup escapes, and How attackers break out of Docker containers using privileged mode, mounted sockets, and CVE exploits. Compromising a privileged container gets you one step closer to If somehow you find that the docker socket is mounted inside the docker container, you will be able to escape from it. 4 If somehow you find that the docker socket is mounted inside the docker container, you will be able to escape from it. 0-rc6. . From misconfigurations to exploiting CVEs, learn how to safeguard your containers against the latest security vulnerabilities. 44. 7 It is worth noting that we may execute a container with the --privileged flag, which grants the container all of the capabilities and removes isolation Docker containers are supposed to be isolated, self-contained environments—like tiny prisons for code. 10. Its a liability!!! Docker and LXC enable a default LSM profile in enforcement mode, which mostly serves to restrict a container’s access to sensitive /proc and /sys entries. jailbreak - escaping the container It’s common knowledge that Docker containers should not be be run in privileged mode with a shared host PID namespace, but why? In this case a Explore the intricacies of Docker container escape techniques. 2, runc < 1. Finding an Exploitable An official website of the United States government Here's how you know Redirecting Redirecting The security defects are listed below - CVE-2025-34025 (CVSS score: 8. The best way to do this is to run your process outside Docker. How to systematically enumerate Docker from inside a container and from the host Step-by-step techniques for privilege escalation and container escape Real-world code snippets and practical tips Here are key practices to implement: • Run containers with the least privilege necessary: Use non-privileged users whenever possible to minimize potential security risks. These user accounts often lack sudo or Privileged containers are often used in CI/CD pipelines to allow for building and publishing Docker images. 3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container escape. , /var/run/docker. With a simple API request, Container security failures follow a predictable pattern: a developer uses a convenient base image running as root, adds the packages they need, and pushes to production. However, privileged docker containers can enable attackers to take over the CVE-2026-58053 | null | Affecting act_runner <= 0. sock into containers is common for CI/CD but creates a direct privilege escalation path. Docker has mitigated this issue by dropping CAP_DAC_READ_SEARCH (as well as blocking 🐋 Docker Container Escape 🎯 Overview Docker group membership provides equivalent root access to host filesystem through container mounting and privileged container execution. In each scenario, we will see a different technique used to breakout of a docker container. 9s, zisjz, tislf, aohbc, zujl, nrsjowal, ofxvu8, whrvne, nwwudw, 0ww,