Skip to content

Tag: security

Is it possible to break out of a restricted (custom) shell?

Not sure if this is the right place to ask. Say I write a shell that takes stdin input, filters this input so let’s say only certain commands like ls (list contents of binary directory and subdirectory) update (git clone) build (go build) test (go test) start (systemctl start this.service only) stop (sy…

How to perform memory dump to docker container from outside

I’m trying to find a way to perform a memory dump on a docker container in order to perform memory forensics (to detect malware exploits for example). I would like to be able to perform the same methods I use on a virtual machine. The problem is that docker containers (and any kind of linux containers) …

iptables LOG and DROP in one rule

I am trying to log outgoing connections with iptables. What I want is, drop and accept connection while logging them also. I have found that -j option takes DROP/REJECT/ACCEPT/LOG. But I want to do something like DROP and LOG or ACCEPT and LOG. Is there a way to achieve this ? Answer Example: Log Exampe: Othe…

What is vulnerable about this C code?

The way I understand it, the code above allows arbitrary code (or program) execution — what makes this vulnerable, and how does one take advantage of this? Answer You can override the PATH variable to point to a directory with your custom version of echo and since echo is executed using env, it isn’t tr…