https://github.com/kpcyrd/boxxy-rs
Linkable sandbox explorer
https://github.com/kpcyrd/boxxy-rs
regression-testing rust sandboxing security-testing
Last synced: about 1 year ago
JSON representation
Linkable sandbox explorer
- Host: GitHub
- URL: https://github.com/kpcyrd/boxxy-rs
- Owner: kpcyrd
- License: lgpl-3.0
- Created: 2017-10-27T17:13:24.000Z (over 8 years ago)
- Default Branch: main
- Last Pushed: 2025-01-23T00:49:58.000Z (over 1 year ago)
- Last Synced: 2025-05-13T19:06:37.522Z (about 1 year ago)
- Topics: regression-testing, rust, sandboxing, security-testing
- Language: Rust
- Homepage: https://docs.rs/boxxy/
- Size: 259 KB
- Stars: 79
- Watchers: 4
- Forks: 9
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-pentest - boxxy - Linkable sandbox explorer. (Reverse Engineering / Reverse Engineering Tools)
- awesome-pentest - boxxy - Linkable sandbox explorer. (Reverse Engineering / Reverse Engineering Tools)
- awesome-pentest - boxxy - Linkable sandbox explorer. (Reverse Engineering Tools / Penetration Testing Report Templates)
- fucking-awesome-pentest - boxxy - Linkable sandbox explorer. (Reverse Engineering / Reverse Engineering Tools)
- awesome-penetest - boxxy - Linkable sandbox explorer. (Reverse Engineering / Reverse Engineering Tools)
- venom - `boxxy` - Linkable sandbox explorer. (Reverse Engineering / Penetration Testing Report Templates)
- awesome-pentest-reference - boxxy - Linkable sandbox explorer. (Reverse Engineering Tools / Penetration Testing Report Templates)
- penetration-testing - boxxy - Linkable sandbox explorer. (Reverse Engineering / Reverse Engineering Tools)
README
# boxxy-rs [![Build Status][travis-img]][travis] [![crates.io][crates-img]][crates] [![docs.rs][docs-img]][docs]
[travis-img]: https://travis-ci.org/kpcyrd/boxxy-rs.svg?branch=master
[travis]: https://travis-ci.org/kpcyrd/boxxy-rs
[crates-img]: https://img.shields.io/crates/v/boxxy.svg
[crates]: https://crates.io/crates/boxxy
[docs-img]: https://docs.rs/boxxy/badge.svg
[docs]: https://docs.rs/boxxy
"_If you implement boundaries and nobody is around to push them, do they even
exist?_". Have you ever wondered how your sandbox looks like from the inside?
Tempted to test if you can escape it, if only you had a shell to give it a try?
boxxy is a library that can be linked into a debug build of an existing program
and drop you into an interactive shell. From there you can step through various
stages of your sandbox and verify it actually contains™.
## Development
cargo run --example boxxy
## Linking with rust
Just put a dev-dependencies in your Cargo.toml and copy `examples/boxxy.rs` to
your `examples/` folder. Modify to include your sandbox.
[dev-dependencies]
boxxy = "0.*"
## Linking with C
There is an example program, check the Makefile to see how it's built.
make cboxxy
## Calling into machinecode
[%]> # just RET to prompt
[%]> jit ww==
[%]> # print ohai and exit
[%]> jit 6xpeuAEAAABIice6BQAAAA8FuDwAAABIMf8PBejh////b2hhaQo=
You can use the `objdump` utility to generate shellcode from assembly:
make sc/ohai && cargo run --example objdump sc/ohai
## Invoking from php
See [autoboxxy](autoboxxy/) for tooling to load boxxy from php, even if
`shell_exec` and friends are disabled by php.ini.
## Static binary
You may need to build a fully static binary, this is possible using the
`x86_64-unknown-linux-musl` target.
cargo build --release --example boxxy --target x86_64-unknown-linux-musl
strip target/x86_64-unknown-linux-musl/release/examples/boxxy
## Debugging systemd security
There is a special ipc binary that automatically swaps its stdio interface with
an unix domain socket so it can be used to debug security settings of a systemd
unit.
Prepare `ipc-boxxy`:
cargo build --release --example ipc-boxxy
install -Dm755 target/release/examples/ipc-boxxy /usr/local/bin/ipc-boxxy
Prepare systemd unit:
sudo tee /etc/systemd/system/ipc-boxxy@.service <