{"id":13539329,"url":"https://github.com/ullaakut/gorsair","last_synced_at":"2025-04-02T06:30:47.330Z","repository":{"id":34099160,"uuid":"143321747","full_name":"Ullaakut/Gorsair","owner":"Ullaakut","description":"Gorsair gives root access on remote docker containers that expose their APIs","archived":true,"fork":false,"pushed_at":"2023-12-19T18:44:32.000Z","size":4632,"stargazers_count":837,"open_issues_count":3,"forks_count":74,"subscribers_count":20,"default_branch":"master","last_synced_at":"2024-05-01T14:53:16.197Z","etag":null,"topics":["docker","infosec","netsec","nmap","penetration-testing","pentesting","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Ullaakut.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-08-02T16:49:14.000Z","updated_at":"2024-03-26T03:11:51.000Z","dependencies_parsed_at":"2023-02-18T09:31:26.950Z","dependency_job_id":"8208446f-34ee-444e-9e77-095aa37d8627","html_url":"https://github.com/Ullaakut/Gorsair","commit_stats":{"total_commits":56,"total_committers":3,"mean_commits":"18.666666666666668","dds":0.6428571428571428,"last_synced_commit":"4bf8be72adc6200c3bc8ce30440ca8a8998f5a78"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ullaakut%2FGorsair","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ullaakut%2FGorsair/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ullaakut%2FGorsair/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ullaakut%2FGorsair/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Ullaakut","download_url":"https://codeload.github.com/Ullaakut/Gorsair/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246767641,"owners_count":20830528,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","infosec","netsec","nmap","penetration-testing","pentesting","security"],"created_at":"2024-08-01T09:01:23.506Z","updated_at":"2025-04-02T06:30:46.748Z","avatar_url":"https://github.com/Ullaakut.png","language":"Go","funding_links":[],"categories":["\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing"],"sub_categories":["\u003ca id=\"edbf1e5f4d570ed44080b30bc782c350\"\u003e\u003c/a\u003e容器\u0026\u0026Docker"],"readme":"# Gorsair\n\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://asciinema.org/a/226476\"\u003e\u003cimg src=\"images/gorsair.gif\" width=\"700px\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"#license\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/license-Apache-blue.svg?style=flat\" /\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://goreportcard.com/report/github.com/Ullaakut/gorsair\"\u003e\n        \u003cimg src=\"https://goreportcard.com/badge/github.com/Ullaakut/gorsair\" /\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://github.com/Ullaakut/gorsair/releases/latest\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/release/Ullaakut/gorsair.svg?style=flat\" /\u003e\n    \u003c/a\u003e\n\u003c/p\u003e\n\nGorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the docker daemon, you can use Gorsair to directly execute commands on remote containers.\n\nExposing the docker API on the internet is a tremendous risk, as it can let malicious agents get information on all of the other containers, images and system, as well as potentially getting privileged access to the whole system if the image uses the `root` user.\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"images/Gorsair.png\" width=\"300px\"/\u003e\n\u003c/p\u003e\n\n## Install\n\n### From a release\n\nSet the:\n* `GORSAIR_VERSION` to whatever release you are interested in\n* `OS` to your operating system (`linux`, `windows` or `darwin`)\n* `ARCH` to your architecture (`amd64`, `arm`, or `ppc64le`)\n\nAnd then run the following command to install gorsair.\n\n`curl -sS https://github.com/Ullaakut/Gorsair/releases/download/$GORSAIR_VERSION/gorsair_$OS_$ARCH --output /usr/local/bin/gorsair \u0026\u0026 chmod +x /usr/local/bin/gorsair`\n\n### From the sources\n\n* Make sure that you have a go version that supports modules (versions 1.11 and above)\n* Make sure that your environment contains the `GO111MODULE` variable set to `on`\n* Run `go build -o /usr/local/bin/gorsair cmd/*.go` from the root of this repository\n\n## Command line options\n\n* **`-t`, `--targets`**:    Set targets according to the [nmap target format](https://nmap.org/book/man-target-specification.html). Required. Example: `--targets=\"192.168.1.72,192.168.1.74\"`\n* **`-p`, `--ports`**:      (Default: `2375,2376`) Set custom ports.\n* **`-s`, `--speed`**:      (Default: `4`) Set custom nmap discovery presets to improve speed or accuracy. It's recommended to lower it if you are attempting to scan an unstable and slow network, or to increase it if on a very performant and reliable network. You might also want to keep it low to keep your discovery stealthy. See [this for more info on the nmap timing templates](https://nmap.org/book/man-performance.html).\n* **`-v`, `--verbose`**:    Enable more verbose logs.\n* **`-D`, `--decoys`**:     List of decoy IP addresses to use (see the [decoy section of the nmap documentation](https://nmap.org/book/man-bypass-firewalls-ids.html))\n* **`-e`, `--interface`**:  Network interface to use\n* **`--proxies`**:          List of HTTP/SOCKS4 proxies to use to deplay connections with\n([see documentation](https://nmap.org/book/man-bypass-firewalls-ids.html))\n* **`-S`, `--spoof-ip`**:   IP address to use for IP spoofing\n* **`--spoof-mac`**:        MAC address to use for MAC spoofing\n* **`-v`, `--verbose`**:    Enable verbose logging\n* **`-h`, `--help`**:       Display the usage information\n\n## How can I protect my containers from this attack\n\n* Avoid putting containers that have access to the docker socket on the internet\n* Avoid using the `root` account in docker containers\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fullaakut%2Fgorsair","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fullaakut%2Fgorsair","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fullaakut%2Fgorsair/lists"}