If the current user context has write permissions to the docker.sock unix socket file, we are able to take complete ownership
of all dockers running on the system and perform arbitrary docker daemon/CLI commands against all containers. This is accomplished
by creating a new docker container, passing in the docker.sock file descriptor, then installing dockerd inside the container. From
there we can run docker commands in any container.
View Command
To view this TTPs command, you must be logged in with a professional or enterprise license.