asvd / jailed

execute untrusted code with custom permissions
MIT License
1.01k stars 69 forks source link

Sandbox Escape in jailed with Node.js #62

Open seongil-wi opened 1 year ago

seongil-wi commented 1 year ago

application.disconnect();



Sandbox can be escaped by calling `setTimeout().ref()` function.
Also, we can execute arbitrary shell code using process module.