1120362990/vulnerability-list
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2865be4d3d94941a3becc6c428e664fa779c7bae
vulnerability-list/docker_vuln/docker_daemon_api.py
rpkr 965913385a fix
2019-08-20 19:01:15 +08:00

28 lines
777 B
Python
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# -*- coding: utf-8 -*-
import docker
'''
Usage:
moon.py -u docker_vuln http://127.0.0.1:2375
此漏洞默认存在2375端口上-nmap扫描结果- 2375/tcp open docker
贴一个漏洞介绍可能拿shellhttps://blog.csdn.net/qq_33020901/article/details/78685447
'''
def attack(URL):
print('[+]开始检测-Docker-docker_daemon_api未授权访问。[+]')
try:
client = docker.DockerClient(base_url=URL)
print('获取到的容器列表:'+str(client.containers.list()))
print('[+]存在漏洞,连接成功!!!')
except Exception:
print('[-]连接失败,漏洞不存在。')
print('[+]检测完成-Docker-docker_daemon_api未授权访问。[+]')
print('\n')
if __name__ == "__main__":
attack()
Reference in New Issue View Git Blame Copy Permalink