diff --git a/Primefaces - CVE-2017-1000486/Dockerfile b/Primefaces - CVE-2017-1000486/Dockerfile
new file mode 100644
index 0000000..fef1b46
--- /dev/null
+++ b/Primefaces - CVE-2017-1000486/Dockerfile	
@@ -0,0 +1,21 @@
+FROM rockylinux:8
+
+RUN mkdir /app
+WORKDIR /app
+
+COPY primefaces_CVE-2017-1000486_fd.py .
+COPY requirements.txt .
+
+# python2 must be installed before python2-devel otherwise,
+# when 'dnf remove' python2-devel, python2 is also removed
+RUN dnf install -y python2 python2-pip \
+    && dnf install -y gcc python2-devel redhat-rpm-config \
+    && python2 -m pip install -r requirements.txt && rm requirements.txt \
+    && dnf autoremove -y gcc python2-devel redhat-rpm-config && dnf clean all -y
+
+USER root
+
+ENTRYPOINT ["python2", "/app/primefaces_CVE-2017-1000486_fd.py"]
+
+CMD ["-h"]
+
diff --git a/Primefaces - CVE-2017-1000486/README.md b/Primefaces - CVE-2017-1000486/README.md
index fe43815..4fd54e7 100644
--- a/Primefaces - CVE-2017-1000486/README.md	
+++ b/Primefaces - CVE-2017-1000486/README.md	
@@ -36,6 +36,22 @@ Execute *whoami* command on target WebSphere application server, extracting 10 c
 
 	python.exe primefaces_CVE-2017-1000486_fd.py -pt "/javax.faces.resource/main/css/showcase.css.xhtml" -c whoami -w 1 -ln 10 http://localhost:8080/showcase-5.2
 
+**Docker**
+
+Build image
+
+        git clone https://github.com/federicodotta/Exploit.git
+        cd 'Exploit/Primefaces - CVE-2017-1000486'
+        docker build -t primefaces_CVE-2017-1000486 .
+
+Execute **primefaces_CVE-2017-1000486_fd.py** with docker
+
+        docker run --rm -it primefaces_CVE-2017-1000486 [params...]
+
+**Requirements**
+
+Due to `paddingoracle` module, **primefaces_CVE-2017-1000486_fd.py** is limited to Python 2.
+
 **Disclaimer:**
 
-This software has been created purely for the authorized penetration testing and red teaming activies, and is not intended to be used to attack systems except where explicitly authorized. Project maintainers are not responsible or liable for misuse of the software. Use responsibly.
\ No newline at end of file
+This software has been created purely for the authorized penetration testing and red teaming activies, and is not intended to be used to attack systems except where explicitly authorized. Project maintainers are not responsible or liable for misuse of the software. Use responsibly.
diff --git a/Primefaces - CVE-2017-1000486/requirements.txt b/Primefaces - CVE-2017-1000486/requirements.txt
new file mode 100644
index 0000000..d9e0bda
--- /dev/null
+++ b/Primefaces - CVE-2017-1000486/requirements.txt	
@@ -0,0 +1,6 @@
+# paddingoracle only support python2
+paddingoracle
+requests
+# Dependency fo crypto library. Typical call: Crypto.*
+# Only support python <= "3.3"
+pycrypto