Exploit: check ptrace
检查容器内部是否存在cap=SYS_PTRACE权限,存在该权限并且挂载宿主机的PID空间时,可以在容器环境内注入宿主机进程进行逃逸。
该脚本将检查内部是否存在cap=SYS_PTRACE权限,同时打印容器内部进程列表。
Checking if container has cap=SYS_PTRACE capability, containers which have both this capability and host PID namespace shared (--PID=host) can be escaped by process injection.
This scripts will check if container has cap=SYS_PTRACE capability then print process information.
Further Exploit: https://github.com/gaffe23/linux-inject
./cdk run check-ptrace
./cdk run check-ptrace
