Enumerate docker unix socket

If the current user context has write permissions to the docker.sock unix socket file, we are able to take complete ownership of all dockers running on the system and perform arbitrary docker daemon/CLI commands against all containers. This TTP enumerates the docker.sock file and determines if the current user has permissions or not.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)