Take ownership of docker containers

If the current user context has write permissions to the docker.sock unix socket file, we are able to take complete ownership of all dockers running on the system and perform arbitrary docker daemon/CLI commands against all containers. This is accomplished by creating a new docker container, passing in the docker.sock file descriptor, then installing dockerd inside the container. From there we can run docker commands in any container.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)