https://github.com/gill-singh-a/portainer-remote-root-shell-exploit

A Simple Python Program that uses Requests Module to communicate with Docker API through Portainer and gets a Remote Root Shell on the Target Device
https://github.com/gill-singh-a/portainer-remote-root-shell-exploit

docker exploit portainer python3 ssh

Last synced: 9 months ago
JSON representation

A Simple Python Program that uses Requests Module to communicate with Docker API through Portainer and gets a Remote Root Shell on the Target Device

• Host: GitHub
• URL: https://github.com/gill-singh-a/portainer-remote-root-shell-exploit
• Owner: Gill-Singh-A
• Created: 2024-08-10T16:08:05.000Z (over 1 year ago)
• Default Branch: master
• Last Pushed: 2024-08-24T00:37:37.000Z (over 1 year ago)
• Last Synced: 2025-01-04T15:41:48.427Z (about 1 year ago)
• Topics: docker, exploit, portainer, python3, ssh
• Language: Python
• Homepage:
• Size: 181 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Portainer Remote Root Shell Exploit

A Simple Python Program that uses Requests Module to communicate with Docker API through Portainer and gets a Remote Root Shell on the Target Device

## Requirements

Language Used = Python3


Modules/Packages used:

* socket

* os

* requests

* json

* paramiko

* getpass

* datetime

* optparse

* colorama

* multiprocessing

* time

Install the dependencies:

```bash

pip install -r requirements.txt

```

## Setup

After installing Docker on your local device, run the following commands as root user

```bash

docker pull ubuntu:20.04

docker save ubuntu:20.04 -o ubuntu_image.tar

chmod 666 ubuntu_image.tar

```

## Working

![Working of Exploit](assets/images/working.png)

## Result

After Successful Exploitation, we can directly ssh to the target device as root user.

### Note

To brute Force the Portainer Interface, we can use [Gill-Singh-A/Portainer-Brute-Force](https://github.com/Gill-Singh-A/Portainer-Brute-Force)


A Similar Exploit of Exposed Docker APIs : [Gill-Singh-A/Docker-API-Remote-Root-Shell-Exploit](https://github.com/Gill-Singh-A/Docker-API-Remote-Root-Shell-Exploit)


To know more about the Process of Exploitation see the Blog [Getting Remote Root Shell on Devices via Portainer](https://medium.com/the-first-digit/getting-remote-root-shell-on-devices-via-portainer-8daf9631bfc7) on [Medium](https://medium.com/@amansg22)