veinmind-privilege-escalation is a privilege escalation risk scanning tool developed by Chaitin Technology.

It is a plug-in that detects privilege escalation risks in container escape scenarios. The security policy it applies comes from https://github.com/GTFOBins/GTFOBins.github.io
- Quickly scan containers/images for privilege escalation risks
  - suid
  - limited-suid
  - sudo
  - capabilities
- Support the docker/containerd container runtimes
- Support multiple report formats such as JSON/CLI/HTML

Supported platforms:

- linux/amd64
- linux/386
- linux/arm64
- linux/arm
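To make the four checks listed above concrete, here is an added example scanner written for this page. It is not the plug-in's own code: it walks an unpacked rootfs (for example the read-only `/host` bind mount used below), flags regular files carrying the setuid/setgid bits or a `security.capability` file capability, and cross-references their basenames against a GTFOBins-style list. The two GTFOBins subsets and the category each name is placed in are constructed for illustration only; the real lists come from the GTFOBins site and are far longer.

```python
"""Added example: minimal SUID/SGID/capability scanner in the spirit of the
plug-in's checks. Not the veinmind code base; the name lists below are
constructed, illustrative subsets, not the authoritative GTFOBins data."""
import json
import os
import stat
import tempfile

# Constructed subset standing in for GTFOBins "SUID" entries (assumption).
GTFOBINS_SUID = {"bash", "find", "vim", "python3", "env", "cp"}

# Constructed subset standing in for GTFOBins "Limited SUID" entries (assumption).
GTFOBINS_LIMITED_SUID = {"chmod", "chown", "mount", "sudo"}


def has_file_capabilities(path):
    """True if the file carries a security.capability xattr (Linux only).
    On platforms without os.getxattr the check is skipped."""
    getxattr = getattr(os, "getxattr", None)
    if getxattr is None:
        return False
    try:
        getxattr(path, "security.capability", follow_symlinks=False)
        return True
    except OSError:  # ENODATA / ENOTSUP: no capability set on this file
        return False


def classify(path, st):
    """Return the risk tags for one regular file, or [] if nothing is notable."""
    tags = []
    name = os.path.basename(path)
    if st.st_mode & (stat.S_ISUID | stat.S_ISGID):
        if name in GTFOBINS_SUID:
            tags.append("suid")
        elif name in GTFOBINS_LIMITED_SUID:
            tags.append("limited-suid")
        else:
            tags.append("suid-unlisted")  # setuid, but not a known GTFOBins entry
    if has_file_capabilities(path):
        tags.append("capabilities")
    return tags


def scan_rootfs(root):
    """Walk a rootfs (e.g. the /host mount) and return findings sorted by path.
    Symlinks are not followed, so a link out of the rootfs cannot be scanned."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            if not stat.S_ISREG(st.st_mode):
                continue
            tags = classify(path, st)
            if tags:
                findings.append({
                    "path": os.path.relpath(path, root),
                    "mode": oct(stat.S_IMODE(st.st_mode)),
                    "risk": tags,
                })
    return sorted(findings, key=lambda f: f["path"])


def render(findings, fmt="cli"):
    """Render findings as JSON or as a plain CLI table."""
    if fmt == "json":
        return json.dumps(findings, indent=2)
    lines = [f"{f['mode']}  {','.join(f['risk']):<16} {f['path']}" for f in findings]
    return "\n".join(lines) or "no privilege escalation risks found"


def build_sample_rootfs():
    """Constructed fixture: a fake rootfs with three 'binaries' so the example
    runs offline. find and chmod get the setuid bit, cat does not."""
    root = tempfile.mkdtemp(prefix="fake-rootfs-")
    bindir = os.path.join(root, "usr", "bin")
    os.makedirs(bindir)
    for name, mode in (("find", 0o4755), ("chmod", 0o4755), ("cat", 0o755)):
        target = os.path.join(bindir, name)
        with open(target, "wb") as fh:
            fh.write(b"#!/bin/sh\n")
        os.chmod(target, mode)
    return root


if __name__ == "__main__":
    sample = build_sample_rootfs()
    print(render(scan_rootfs(sample), "cli"))
```

Point `scan_rootfs()` at a real mount such as `/host` to scan the host, or at an unpacked image layer. Anything tagged `suid-unlisted` is worth a manual look: it is not in the reference list, but a setuid binary that is not needed in the image is still attack surface and is usually best removed or stripped of the bit.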
Please install libveinmind first; the installation method can be found in the official document.

Run with make:

```shell
make run ARG="scan xxx"
```

Compile the executable:

```shell
make build
```

Run the executable to scan:

```shell
chmod +x veinmind-privilege-escalation && ./veinmind-privilege-escalation scan xxx
```

Make sure docker and docker-compose are installed on the machine.

Run with make:

```shell
make run.docker ARG="scan xxxx"
```

Build the veinmind-privilege-escalation image:

```shell
make build.docker
```

Run the container to scan:

```shell
docker run --rm -it --mount 'type=bind,source=/,target=/host,readonly,bind-propagation=rslave' veinmind-privilege-escalation scan xxx
```
- Specify the image name or image ID and scan (the corresponding image needs to exist locally)

```shell
./veinmind-privilege-escalation scan image [imageID/imageName]
```

- Scan all local images

```shell
./veinmind-privilege-escalation scan image
```

- Specify the container name or container ID and scan

```shell
./veinmind-privilege-escalation scan container [containerID/containerName]
```

- Scan all local containers

```shell
./veinmind-privilege-escalation scan container
```

- Specify the output format. Supported output formats:
  - html
  - json
  - cli (default)

```shell
./veinmind-privilege-escalation scan container [containerID/containerName] -f html
```

The generated result.html is as shown in the figure: