https://github.com/gill-singh-a/portainer-agent-remote-root-shell-exploit
A Simple Python Program that uses Requests Module to add Portainer Agent Environment to Portainer Interface and gets a Remote Root Shell on the Target Device
https://github.com/gill-singh-a/portainer-agent-remote-root-shell-exploit
multiprocessing portainer portainer-agent python3 requests ssh
Last synced: 5 months ago
JSON representation
A Simple Python Program that uses Requests Module to add Portainer Agent Environment to Portainer Interface and gets a Remote Root Shell on the Target Device
- Host: GitHub
- URL: https://github.com/gill-singh-a/portainer-agent-remote-root-shell-exploit
- Owner: Gill-Singh-A
- Created: 2025-03-17T12:53:45.000Z (about 1 year ago)
- Default Branch: master
- Last Pushed: 2025-03-21T06:26:18.000Z (12 months ago)
- Last Synced: 2025-03-21T07:26:52.537Z (12 months ago)
- Topics: multiprocessing, portainer, portainer-agent, python3, requests, ssh
- Language: Python
- Homepage:
- Size: 27.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Portainer Agent Remote Root Shell Exploit
A Simple Python Program that uses Requests Module to add Portainer Agent Environment to Portainer Interface and gets a Remote Root Shell on the Target Device
## Requirements
Language Used = Python3
Modules/Packages used:
* sys
* warnings
* socket
* os
* requests
* json
* paramiko
* pathlib
* base64
* optparse
* getpass
* datetime
* optparse
* colorama
* multiprocessing
* time
Install the dependencies:
```bash
pip install -r requirements.txt
```
## Setup
Clone the repository with all git modules
```bash
git clone --recursive https://github.com/Gill-Singh-A/Portainer-Agent-Remote-Root-Shell-Exploit.git
```
After installing Docker on your local device, run the following commands
```bash
docker pull ubuntu:20.04
docker save ubuntu:20.04 -o ubuntu_image.tar
chmod 666 ubuntu_image.tar
```
Install Portainer on your Device
```bash
docker volume create portainer_data
docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:lts
```
Make a Configuration file **portainer_config.json** containing details of your Portainer Instance with these details
```json
{
"scheme": "https",
"host": "127.0.0.1",
"port": "9443",
"username": "admin",
"password": "password"
}
```
Open up your Portainer Web UI, setup the password for *admin* account on first login and then remove the ***Local Docker Environment***
## Result
After Successful Exploitation, we can directly ssh to the target device as root user.
### Note
Before every run, make sure that there are no environments in your Portainer Instance