[GH-ISSUE #32] Full desktop and root terminal access in running container #29

Closed
opened 2026-02-27 07:16:12 +03:00 by kerem · 2 comments
Owner

Originally created by @ms101 on GitHub (Sep 25, 2023).
Original GitHub issue: https://github.com/JoelGMSec/EvilnoVNC/issues/32

There is a way to get access to the desktop and root terminals in a running container (tested with latest Firefox and Chromium):

  1. (optional) Ctrl+Alt+RightArrowKey switches to another virtual desktop
  2. Alt+F2 starts the app launcher, choose xfce4-keyboard-settings
  3. choose Application Shortcuts and add a new one
  4. as command: chmod 777 /usr/bin/xfce4-terminal
  5. as shortcut: Alt+F3
  6. save, overwrite shortcut and press Alt+F3
  7. then start xfce4-terminal via app launcher (Alt+F2), this also works for starting thunar or xfce4-panel

Now a user has root access to the container, including collected data in /home/user/Downloads:
2023-09-25_14-52-27_screenshot

Possible measures:

  • harden XFCE configuration or file permissions
  • better avoid a full DE at all (working on it..)
Originally created by @ms101 on GitHub (Sep 25, 2023). Original GitHub issue: https://github.com/JoelGMSec/EvilnoVNC/issues/32 There is a way to get access to the desktop and root terminals in a running container (tested with latest Firefox and Chromium): 1. (optional) Ctrl+Alt+RightArrowKey switches to another virtual desktop 2. Alt+F2 starts the app launcher, choose xfce4-keyboard-settings 3. choose Application Shortcuts and add a new one 4. as command: chmod 777 /usr/bin/xfce4-terminal 5. as shortcut: Alt+F3 6. save, overwrite shortcut and press Alt+F3 7. then start xfce4-terminal via app launcher (Alt+F2), this also works for starting thunar or xfce4-panel Now a user has root access to the container, including collected data in /home/user/Downloads: ![2023-09-25_14-52-27_screenshot](https://github.com/JoelGMSec/EvilnoVNC/assets/7735657/b8802e5d-7158-4367-8a03-75be10fa9334) Possible measures: - harden XFCE configuration or file permissions - better avoid a full DE at all (working on it..)
kerem closed this issue 2026-02-27 07:16:12 +03:00
Author
Owner

@ms101 commented on GitHub (Oct 4, 2023):

PR #33 should fix this

<!-- gh-comment-id:1747116901 --> @ms101 commented on GitHub (Oct 4, 2023): PR #33 should fix this
Author
Owner

@JoelGMSec commented on GitHub (Oct 6, 2023):

Thanks again @ms101 :)

<!-- gh-comment-id:1750841266 --> @JoelGMSec commented on GitHub (Oct 6, 2023): Thanks again @ms101 :)
Sign in to join this conversation.
No labels
pull-request
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/EvilnoVNC-JoelGMSec#29
No description provided.