CVE-2024-41110 PoC — Docker Engine 安全漏洞

Source

https://github.com/secsaburo/CVE-2024-41110-

Associated Vulnerability

Title:Docker Engine 安全漏洞 (CVE-2024-41110)
Description:Docker Engine是美国Docker公司的一套轻量级的运行环境和包管理工具。 Docker Engine存在安全漏洞，该漏洞源于允许攻击者在特定情况下绕过授权插件，导致包括权限提升的未授权操作。

Description

CVE-2024-41110  docker AuthZ exploit

Readme

# CVE-2024-41110 PoC 
CVE-2024-41110  docker AuthZ exploit - get all docker containers on target

>[!warning] The author is not responsible for any harm made by this exploit. use in educational purposes only.

## Installation

Download with golang:

```bash
git clone https://github.com/secsaburo/CVE-2024-41110-
cd CVE-2024-41110-
go build -o docker_poc exploit.go 
```

## Usage

Run:

```bash
./docker_poc -host=127.0.0.1:2347
```

File Snapshot


 [4.0K]  /data/pocs/a127cf8fb0c072e5e198b3db6e442827cbfa4a9f
├── [1.4K]  exploit.go
├── [ 186]  go.mod
├── [ 467]  go.sum
├── [4.0K]  pkg
│   └── [4.0K]  intr
│       ├── [ 334]  dockerapi.go
│       ├── [ 346]  http.go
│       ├── [ 260]  httpx.go
│       ├── [ 209]  ipc.go
│       ├── [ 376]  request.go
│       ├── [ 110]  supp.go
│       └── [1.1K]  test.go
└── [ 434]  README.md

2 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!