Crates.io | autoboxxy |
lib.rs | autoboxxy |
version | 0.1.0 |
source | src |
created_at | 2019-02-27 13:28:16.388329 |
updated_at | 2019-02-27 13:28:16.388329 |
description | Linkable sandbox explorer, invoke on constructor |
homepage | |
repository | https://github.com/kpcyrd/boxxy-rs |
max_upload_size | |
id | 117560 |
size | 3,501 |
Exports a static constructor that is executed by the dynamic loader as soon as
the library is loaded. It then executes $AUTOBOXXY from the environment as a
boxxy command and terminates the process.
cargo build && AUTOBOXXY="exec id" LD_PRELOAD=`pwd`/../target/debug/libautoboxxy.so date
There's a bug (or feature) in PHP that allows you to execute code even when
shell_exec and friends are disabled by php.ini. This uses autoboxxy under the
hood to take over the sendmail invocation to execute arbitrary code. See
boxxy.php to see how this is done.
This technique has been borrowed from Chankro.
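As a detection-side illustration of the loading mechanism described above (an added example, not code from the boxxy project), the following audits a NUL-separated environment block in the format of /proc/<pid>/environ on Linux and reports untrusted LD_PRELOAD entries and any AUTOBOXXY value. The trusted directory list, the `Finding` type, `audit_environ` and the sample data are assumptions made for this example.

```rust
// Directories treated as trusted library locations (assumption: adjust per host).
const TRUSTED_DIRS: [&str; 4] = ["/lib/", "/lib64/", "/usr/lib/", "/usr/lib64/"];

#[derive(Debug, PartialEq)]
pub enum Finding {
    /// An LD_PRELOAD entry that does not resolve inside a trusted directory.
    UntrustedPreload(String),
    /// AUTOBOXXY is set: the variable the autoboxxy constructor reads.
    AutoboxxyCommand(String),
}

/// Parse a NUL-separated environment block and return what needs review.
pub fn audit_environ(raw: &[u8]) -> Vec<Finding> {
    let mut findings = Vec::new();
    for entry in raw.split(|b| *b == 0).filter(|e| !e.is_empty()) {
        let entry = String::from_utf8_lossy(entry);
        let Some((key, value)) = entry.split_once('=') else { continue };
        match key {
            "LD_PRELOAD" => {
                // The dynamic loader accepts spaces and colons as separators.
                // Bare names and paths containing ".." are flagged conservatively.
                for lib in value.split(|c: char| c == ' ' || c == ':').filter(|s| !s.is_empty()) {
                    let trusted = !lib.contains("..")
                        && TRUSTED_DIRS.iter().any(|d| lib.starts_with(*d));
                    if !trusted {
                        findings.push(Finding::UntrustedPreload(lib.to_string()));
                    }
                }
            }
            "AUTOBOXXY" => findings.push(Finding::AutoboxxyCommand(value.to_string())),
            _ => {}
        }
    }
    findings
}

/// Constructed sample mirroring the command line shown on this page.
pub const SAMPLE: &[u8] = b"PATH=/usr/bin\0AUTOBOXXY=exec id\0LD_PRELOAD=/home/dev/autoboxxy/../target/debug/libautoboxxy.so\0";

fn main() {
    for finding in audit_environ(SAMPLE) {
        println!("{:?}", finding);
    }
}
```

On a live Linux host the same function can be fed the bytes of /proc/<pid>/environ for each process of interest.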