{"id":25602755,"url":"https://github.com/4m3rr0r/zombifydocker","last_synced_at":"2026-05-01T21:33:49.498Z","repository":{"id":278760897,"uuid":"936690200","full_name":"4m3rr0r/ZombifyDocker","owner":"4m3rr0r","description":"This script attempts to exploit Docker containers for privilege escalation by utilizing Docker images that may allow access to the host filesystem with privileged privileges. It tests a predefined list of Docker images and checks if the system is vulnerable to privilege escalation via chroot.","archived":false,"fork":false,"pushed_at":"2025-02-21T14:19:39.000Z","size":6,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-21T15:26:50.387Z","etag":null,"topics":["docker","docker-image","docker-priv-esc","docker-privilege-escalation","offsec","priv-esc","privilege-escalation"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/4m3rr0r.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-21T14:15:56.000Z","updated_at":"2025-02-21T14:23:16.000Z","dependencies_parsed_at":"2025-02-21T15:40:03.602Z","dependency_job_id":null,"html_url":"https://github.com/4m3rr0r/ZombifyDocker","commit_stats":null,"previous_names":["4m3rr0r/zombifydocker"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/4m3rr0r/ZombifyDocker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4m3rr0r%2FZombifyDocker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4m3rr0r%2FZombifyDocker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4m3rr0r%2FZombifyDocker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4m3rr0r%2FZombifyDocker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/4m3rr0r","download_url":"https://codeload.github.com/4m3rr0r/ZombifyDocker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4m3rr0r%2FZombifyDocker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279005457,"owners_count":26083898,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-image","docker-priv-esc","docker-privilege-escalation","offsec","priv-esc","privilege-escalation"],"created_at":"2025-02-21T17:23:54.898Z","updated_at":"2025-10-10T22:05:31.755Z","avatar_url":"https://github.com/4m3rr0r.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Docker Privilege Escalation\nThis script attempts to exploit Docker containers for privilege escalation by utilizing Docker images that may allow access to the host filesystem with privileged privileges. It tests a predefined list of Docker images and checks if the system is vulnerable to privilege escalation via `chroot`.\n\n## Docker Images Tested\nThe script tests the following Docker images for potential privilege escalation:\nPython, Node, Go, PHP, Ruby, MySQL, Postgres, Redis, and more.\n\n## How It Works\n\n- **Check Docker Group**: The script checks if the current user is part of the `docker` group.\n- **Check Local Docker Images**: It checks for available Docker images on the system. If no images are found, it attempts to pull the `ubuntu` image.\n- **Privilege Escalation Attempt**: For each Docker image in the predefined list, the script checks if it can execute `chroot` inside the container with the host's filesystem, potentially escalating privileges.\n- **Execution**: If successful, it launches a root shell with access to the host filesystem.\n\n## Prerequisites\n\n- Docker installed and running.\n- User must be a member of the `docker` group to run the script without `sudo`.\n\n1. Clone the repository:\n   ```bash\n   git clone https:/github.com/4m3rr0r/ZombifyDocker.git\n   ```\n   ```bash\n   cd ZombifyDocker\n   ```\n2. Make the script executable:\n   \n   ```bash\n    chmod +x ZombifyDocker.sh\n   ```\n3. Run the script:\n   \n   ```bash\n    ./ZombifyDocker.sh\n   ```\n\n   \u003cimg src=\"./Images/2025-02-22_11-14.png\" alt=\"alt text\" /\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F4m3rr0r%2Fzombifydocker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F4m3rr0r%2Fzombifydocker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F4m3rr0r%2Fzombifydocker/lists"}