Glass Box v1

Server transparency system by Open Source Security Inc.

What is Glass Box?

Glass Box proves a VPN server has nothing to hide. Anyone connected to the WireGuard tunnel can SSH into a read-only transparency shell and inspect everything: configs, firewall rules, DNS settings, running services, and more.

No trust required. Verify it yourself.

How It Works

  1. Connect to the WireGuard tunnel (get access below)
  2. SSH in: ssh -i glassbox-reviewer verify@10.13.37.1
  3. You land in a read-only transparency shell with whitelisted commands
  4. Inspect configs, firewall rules, DNS, services — everything is visible
  5. Three protected files are off-limits. Read one? You win $1,000.

The Bounty Challenge

$1,000

Break out of the Glass Box verify shell and read any of the three protected files. If you can access them through the transparency shell, you win.

Protected targets: WireGuard private config, customer database, SSH private key. All sessions are logged and the server owner is alerted on connect.

Get Tunnel Access

To try the verify shell or participate in the bounty challenge, request a WireGuard peer config:

Email: glassbox@opensourcesecurity.net

Subject: "Glass Box reviewer access"

Security Scan Results

Lynis Hardening
rkhunter
AIDE Integrity
Last Scan

Full reports: lynis · rkhunter · aide · server snapshot

Source Code

The full Glass Box stack is open source: github.com/ossecurity/glassbox