Page | 10
www.hackingarticles.in
Abusing Docker API
Now attacker always looks for such network IP where docker is accessible through API over 2375/TCP
port in order to establish a remote connection with the docker application. As you can see, we try to
scan the host machine to identify open port for docker API using Nmap port scan.
Once the port is open and accessible, you can try to connect with docker daemon on the target
machine. But for this, you need to install a docker on your local machine too. So, we have installed
docker on Kali Linux as well as we docker running on our target machine too. Now to ensure that we
can access docker daemon remotely, we execute the following command to identify the installed
docker version.