{"id":13875933,"url":"https://github.com/kpcyrd/boxxy-rs","last_synced_at":"2025-05-16T16:08:02.382Z","repository":{"id":45859200,"uuid":"108573514","full_name":"kpcyrd/boxxy-rs","owner":"kpcyrd","description":"Linkable sandbox explorer","archived":false,"fork":false,"pushed_at":"2025-01-23T00:49:58.000Z","size":265,"stargazers_count":79,"open_issues_count":10,"forks_count":9,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-05-13T19:06:37.522Z","etag":null,"topics":["regression-testing","rust","sandboxing","security-testing"],"latest_commit_sha":null,"homepage":"https://docs.rs/boxxy/","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kpcyrd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["kpcyrd"],"patreon":"kpcyrd"}},"created_at":"2017-10-27T17:13:24.000Z","updated_at":"2025-04-08T06:38:25.000Z","dependencies_parsed_at":"2025-02-28T02:18:43.204Z","dependency_job_id":"f9673035-102c-4da2-9104-ad5166b507fd","html_url":"https://github.com/kpcyrd/boxxy-rs","commit_stats":null,"previous_names":[],"tags_count":19,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kpcyrd%2Fboxxy-rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kpcyrd%2Fboxxy-rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kpcyrd%2Fboxxy-rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kpcyrd%2Fboxxy-rs/manifests","owner_url":"https://repos.
ecosyste.ms/api/v1/hosts/GitHub/owners/kpcyrd","download_url":"https://codeload.github.com/kpcyrd/boxxy-rs/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254564127,"owners_count":22092122,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["regression-testing","rust","sandboxing","security-testing"],"created_at":"2024-08-06T06:00:50.922Z","updated_at":"2025-05-16T16:08:02.335Z","avatar_url":"https://github.com/kpcyrd.png","language":"Rust","funding_links":["https://github.com/sponsors/kpcyrd","https://patreon.com/kpcyrd"],"categories":["Reverse Engineering","Rust","rust","Reverse Engineering Tools","Tools"],"sub_categories":["Reverse Engineering Tools","Penetration Testing Report Templates"],"readme":"# boxxy-rs [![Build Status][travis-img]][travis] [![crates.io][crates-img]][crates] [![docs.rs][docs-img]][docs]\n\n[travis-img]:   https://travis-ci.org/kpcyrd/boxxy-rs.svg?branch=master\n[travis]:       https://travis-ci.org/kpcyrd/boxxy-rs\n[crates-img]:   https://img.shields.io/crates/v/boxxy.svg\n[crates]:       https://crates.io/crates/boxxy\n[docs-img]:     https://docs.rs/boxxy/badge.svg\n[docs]:         https://docs.rs/boxxy\n\n\"_If you implement boundaries and nobody is around to push them, do they even\nexist?_\". Have you ever wondered what your sandbox looks like from the inside?\nTempted to test if you can escape it, if only you had a shell to give it a try?\nboxxy is a library that can be linked into a debug build of an existing program\nand drop you into an interactive shell. 
From there you can step through various\nstages of your sandbox and verify it actually contains™.\n\n## Development\n\n    cargo run --example boxxy\n\n## Linking with Rust\n\nJust add a `dev-dependencies` entry to your Cargo.toml and copy `examples/boxxy.rs`\nto your `examples/` folder. Modify it to include your sandbox.\n\n    [dev-dependencies]\n    boxxy = \"0.*\"\n\n## Linking with C\n\nThere is an example program; check the Makefile to see how it's built.\n\n    make cboxxy\n\n## Calling into machine code\n\n     [%]\u003e # just RET to prompt\n     [%]\u003e jit ww==\n     [%]\u003e # print ohai and exit\n     [%]\u003e jit 6xpeuAEAAABIice6BQAAAA8FuDwAAABIMf8PBejh////b2hhaQo=\n\nYou can use the `objdump` utility to generate shellcode from assembly:\n\n    make sc/ohai \u0026\u0026 cargo run --example objdump sc/ohai\n\n## Invoking from PHP\n\nSee [autoboxxy](autoboxxy/) for tooling to load boxxy from PHP, even if\n`shell_exec` and friends are disabled by php.ini.\n\n## Static binary\n\nYou may need to build a fully static binary; this is possible using the\n`x86_64-unknown-linux-musl` target.\n\n    cargo build --release --example boxxy --target x86_64-unknown-linux-musl\n    strip target/x86_64-unknown-linux-musl/release/examples/boxxy\n\n## Debugging systemd security\n\nThere is a special ipc binary that automatically swaps its stdio interface with\na unix domain socket so it can be used to debug security settings of a systemd\nunit.\n\nPrepare `ipc-boxxy`:\n\n    cargo build --release --example ipc-boxxy\n    install -Dm755 target/release/examples/ipc-boxxy /usr/local/bin/ipc-boxxy\n\nPrepare systemd unit:\n\n    sudo tee /etc/systemd/system/ipc-boxxy@.service \u003c\u003cEOF\n    [Unit]\n    Description=ipc boxxy debugger\n\n    [Service]\n    User=root\n    ExecStart=/usr/local/bin/ipc-boxxy /run/boxxy-%i.sock\n\n    NoNewPrivileges=yes\n    ProtectSystem=strict\n    ProtectHome=true\n    PrivateTmp=true\n    PrivateDevices=true\n    ProtectKernelTunables=true\n   
 ProtectKernelModules=true\n    ProtectControlGroups=true\n    RestrictAddressFamilies=AF_UNIX\n    MemoryDenyWriteExecute=true\n    CapabilityBoundingSet=\n    InaccessiblePaths=-/etc/ssh\n\n    EOF\n\nAttach to shell:\n\n    sudo target/debug/ipc-listener /run/boxxy-foo.sock 'systemctl start ipc-boxxy@foo'\n\nYou can run arbitrary commands with `exec`:\n\n    exec bash -i\n\n## AWS lambda\n\nThe example folder contains a reimplementation of lambdash; it automatically\ndeploys boxxy as an AWS lambda and allows you to execute commands on it. The\nclient supports cross account access, but needs a preconfigured role that the\nlambda should use. You need to build a [static binary](#static-binary) first.\n\n    cargo run --features=aws --example lambdash -- \\\n        --assume-role arn:aws:iam::133713371337:role/AdminRole \\\n        --role arn:aws:iam::133337133337:role/lambda-test-role \\\n        eu-west-1 boxxy\n\n## Examples\n\nThere are vulnerable sandboxes (`examples/vuln-*`) as a challenge that can be\nexploited using the boxxy shell (no need to compile any exploits).\n\n**DO NOT POST SPOILERS**\n\nStart a challenge using e.g. `cargo run --example vuln-chroot`.\n\n## Warning\n\nThe shell is a basic interface for human input, do not write actual scripts,\nthere be dragons.\n\n**Do not include boxxy in production builds.**\n\n## License\n\nThis project is free software released under the LGPL3+ license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkpcyrd%2Fboxxy-rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkpcyrd%2Fboxxy-rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkpcyrd%2Fboxxy-rs/lists"}