forked from Ne0nd0g/merlin
-
Notifications
You must be signed in to change notification settings - Fork 115
Kernel Module Breakout
yanivyakobovich edited this page Jan 17, 2022
·
1 revision
Break out of the container by abusing the SYS_MODULE capability
info:
Cap_sys_module allows you to Load and unload kernel modules
Requirements:
- CAP_SYS_MODULE
- Relevant version of the generic kernel module exists in the container, it is located in the host in
/lib/modules/$(uname -r) -
make&&insmodcommand exists in the container
Exploit:
- Create a reverse shell kernel module
- Create makefile for the kernel module
- Use
insmodto load the module into the kernel
Wish to contribute module?
Exploit Module Guide
- cGroup Breakout
- Mount Breakout
- DockerSock Breakout
- Kubelet Attack
- Var Log Escape
- Kernel Module Breakout
Other Modules