People treat Docker containers like Virtual Machines. They are not. A container is just a Linux Process on the host, surrounded by Namespaces (visibility) and Cgroups (resources). If you are root inside the container, you are technically root on the host, just with a blindfold on. Breakout attacks remove the blindfold.
Initial Check
Am I in a container?
cat /proc/1/cgroup
If you see paths like `/docker/a1b2c3...` or `/kubepods/`, you are in the matrix.
1. Privileged Mode: The Easy Win
Developers often run container with `--privileged` to fix permission errors. This is fatal.
It grants the container full access to all host devices in `/dev`.
Exploit: Mount the Host Disk.
2. Mounted Docker Socket
Sometimes containers need to spawn sibling containers (e.g., Jenkins, Portainer). They do this by mounting `/var/run/docker.sock`.
If you see this socket, you own the host.
You are now dropped into a shell with full root access to the host filesystem.
3. Kernel Exploits (Dirty Cow)
Since containers share the HOST kernel, a kernel vulnerability affects everyone.
Dirty Cow (CVE-2016-5195): Allowed a user to write to read-only files (Copy-On-Write bug).
If you exploit Dirty Cow inside a container, you can overwrite the vDSO (Virtual Dynamic Shared Object) on the host kernel memory. This gives you code execution on the host.
4. Capability Abuse (SYS_Module)
Linux capabilities split "Root" into chunks.
If a container has `CAP_SYS_MODULE`, it can load kernel modules.
Exploit: Compile a malicious `.ko` (Kernel Module) effectively a rootkit. Load it. You are now running code in Ring 0 of the host.
Defense
1. Never use `--privileged`.
2. Run as Non-Root: `USER 1000` in Dockerfile.
3. Seccomp Profiles: Block dangerous syscalls.
4. Pod Security Policies (PSP/OPA): Enforce constraints in Kubernetes.