goBox : GO Sandbox To Run Untrusted Code

goBox uses Ptrace to hook into READ syscalls, giving you the option to accept or deny syscalls before they are executed. GO sandbox to run untrusted code.

Usage

Usage of ./gobox:

gobox [FLAGS] command

Flags:
-h Print Usage.
-n value
A glob pattern for automatically blocking file reads.
-y value
A glob pattern for automatically allowing file reads.

Also Read – https://kalilinuxtutorials.com/dnsprobe/

Use cases

You want to install anything

> gobox -n “/etc/password.txt” npm install sketchy-module
BLOCKED READ on /etc/password.txt
>gobox -n “/etc/password.txt” bash <(curl https://danger.zone/install.sh)
BLOCKED READ on /etc/password.txt

You are interested in what file reads you favorite program makes.

Sure you could use strace, but it references file descriptors the tool makes the this much easier at a glance by printing the absolute path of the fd.

>gobox ls
Wanting to READ /usr/lib/x86_64-linux-gnu/libselinux.so.1 [y/n]

NOTE: It’s definitely a better idea to encrypt all your sensitive data, it should probably only be used when that is inconvenient or impractical.

NOTE: I haven’t made any effort for cross-x compatibility so it currently only works on linux. I’d happily accept patches to improve portability.

R K

Recent Posts

How to Install Docker on Ubuntu (Step-by-Step Guide)

Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…

4 days ago

Uninstall Docker on Ubuntu

Docker is one of the most widely used containerization platforms. But there may come a…

4 days ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

5 days ago

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

6 days ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

7 days ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

1 week ago