Tags: command_injection sandbox chroot seccomp
Rating: 4.5
Escaping a chroot, seccomp, namespace sandbox by abusing syscall numbers and uid namespace uid of 0.
Finally abusing command injection to read the flag:
[http://blog.rpis.ec/2017/04/bctf-2017-boj.html](http://blog.rpis.ec/2017/04/bctf-2017-boj.html)
