Research and Judgment of Attack Technology|An Appreciation of Anti-Sandbox and Targeted Persistence Technology for Macro Document Attacks in the Wild

Intelligence Background: Recently, the Kaspersky security team captured an MS Excel 4.0 macro sample with information-gathering and command-execution capabilities. The attacker collected sufficient information about the execution environment to ensure the security of the execution environment, and also adopted targeted persistence methods for different security products in the environment. This article will analyze […]

node js sandbox escape

Directory this.tostring Q1: Why don’t we use {}.toString.constructor('return process')() directly, but use this? Q2: m and n are also objects outside the sandbox, why can’t we use m.toString.constructor('return process')()? Q2 derivative arguments.callee.caller Q1: What should I do if there are no string-related operations outside the sandbox? Use the explosive call stack to bypass the sandbox […]

Springboot Alipay sandbox payment — complete detailed steps

A technical point used in the preparation of the java internship interview project for everyone to learn and refer to Web page operation steps 1. Enter Alipay development platform – sandbox environment Log in to the open platform control platform with a developer account 2. Click the sandbox to enter the sandbox environment Description: The […]

nodejs sandbox escape vulnerability

Directory 1: Sandbox bypass 1: Concept 2: Core principles 3: Example analysis 3.1 this to get a toString method, and then use the toString method to get the constructor and get the process module Question 1: Why don’t we use {}.toString.constructor('return process')() directly, but use this? Question 2: m and n are also objects outside […]

NodeJS vm&vm2 sandbox escape

Article directory NodeJS vm & vm2 sandbox escape What is a sandbox? Scope of NodeJS exports is the interface for exporting file elements global global object vm sandbox module vm.runInThisContext(code) vm.createContext([sandbox]) vm.runInContext(code,contextifiedSandbox[,options]) `vm.runInNewContext(code[,sandbox][,options])` vm.Script class new vm.Script(code, options) How to perform vm sandbox escape? vm2 sandbox escape [HFCTF2020] Just Escape NodeJS template string […]

nodejs VM sandbox bypass

Article directory nodejs vm sandbox bypass 1. Basic concept – what is a sandbox (sandbox) 2. The scope of nodejs 3. The operating principle of the vm module 4. Sandbox bypass 5. Some problems with sandbox bypass nodejs vm sandbox bypass 1. Basic concepts – what is a sandbox When we run some programs that […]

The reproduction of race competition vulnerability and the combination of sandbox escape and regularization

Table of Contents Recurrence of Race Competitive Vulnerabilities lab environment Construction of the operating environment environmental test Solution Sandbox Escape and Prototype Chain Pollution sandbox escape regular bypass Recurrence of Race Competitive Vulnerability Experimental environment What we’re talking about here is often vulnerable Django code And finally use yakit software for testing Building the operating […]

Sandbox Escape and Competitive Vulnerability Reappearance

Directory sandbox escape principle When this points to window When this points to null and no other objects are available The first trigger method The second trigger method The third trigger method Vulnerability recurrence competitive vulnerability Sandbox escape Principle When this points to window 1. This directly points to the window, get the constructor of […]