{"id":19207651,"url":"https://github.com/gill-singh-a/docker-api-remote-root-shell-exploit","last_synced_at":"2026-02-03T13:31:26.372Z","repository":{"id":247893854,"uuid":"827155926","full_name":"Gill-Singh-A/Docker-API-Remote-Root-Shell-Exploit","owner":"Gill-Singh-A","description":"A Simple Python Program that uses Docker Module to communicate with Docker API and gets a Remote Root Shell on the Target Device","archived":false,"fork":false,"pushed_at":"2024-08-24T00:30:45.000Z","size":352,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-05T02:23:11.451Z","etag":null,"topics":["docker","exploit","python","ssh"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Gill-Singh-A.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-11T05:41:42.000Z","updated_at":"2025-03-18T17:59:26.000Z","dependencies_parsed_at":"2024-11-09T13:34:03.983Z","dependency_job_id":null,"html_url":"https://github.com/Gill-Singh-A/Docker-API-Remote-Root-Shell-Exploit","commit_stats":null,"previous_names":["gill-singh-a/docker-api-remote-root-shell-exploit"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Gill-Singh-A/Docker-API-Remote-Root-Shell-Exploit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gill-Singh-A%2FDocker-API-Remote-Root-Shell-Exploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gill-Singh-A%2FDocker-API-Remote-Root-Shell-Exploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gill-Singh-A%2FDocker-API-Remote-Root-Shell-Exploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gill-Singh-A%2FDocker-API-Remote-Root-Shell-Exploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Gill-Singh-A","download_url":"https://codeload.github.com/Gill-Singh-A/Docker-API-Remote-Root-Shell-Exploit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gill-Singh-A%2FDocker-API-Remote-Root-Shell-Exploit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29046564,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T10:09:22.136Z","status":"ssl_error","status_checked_at":"2026-02-03T10:09:16.814Z","response_time":96,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","exploit","python","ssh"],"created_at":"2024-11-09T13:21:40.152Z","updated_at":"2026-02-03T13:31:26.350Z","avatar_url":"https://github.com/Gill-Singh-A.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Docker API Remote Root Shell Exploit\nA Simple Python Program that uses Docker Module to communicate with Docker API and gets a Remote Root Shell on the Target Device\n## Requirements\nLanguage Used = Python3\u003cbr /\u003e\nModules/Packages used:\n* os\n* docker\n* paramiko\n* socket\n* random\n* string\n* base64\n* getpass\n* datetime\n* subprocess\n* optparse\n* multithreading\n* colorama\n* time\n\u003c!-- --\u003e\nInstall the dependencies:\n```bash\npip install -r requirements.txt\n```\n## Setup\nAfter installing Docker on your local device, run the following commands as root user\n```bash\ndocker pull ubuntu:20.04\ndocker save ubuntu:20.04 -o ubuntu_image.tar\nchmod 666 ubuntu_image.tar\n```\n## Working\n![Working of Exploit](assets/images/working.png)\n## Result\nAfter Successful Exploitation, we can directly ssh to the target device as root user or the provided user.\n## Note\nThis Method won't work if the Docker API is password Protected or when Docker is run with non-root user.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgill-singh-a%2Fdocker-api-remote-root-shell-exploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgill-singh-a%2Fdocker-api-remote-root-shell-exploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgill-singh-a%2Fdocker-api-remote-root-shell-exploit/lists"}