On 13/09/16 09:04 PM, Peter Cawley wrote:
Yes, it is known, and credible. Defence is to not load untrusted
bytecode, or to build your sandboxes at the OS level rather than the
Lua level.
https://gist.github.com/corsix/49d770c7085e4b75f32939c6c076aad6 is
another link you might be interested in.
On Wednesday, 14 September 2016, tst2005 <tst2005@gmail.com> wrote:
Hello,
I would like to know if the bug/vulnerability is already known?
Is there a CVE number ?
I'm still trying to reproduce, but it seems credible.
http://apocrypha.numin.it/talks/lua_bytecode_exploitation.pdf
https://gist.github.com/corsix/6575486
https://github.com/erezto/lua-sandbox-escape
https://www.reddit.com/r/netsec/comments/52cm3h
Regards,
Sign/encrypt your bytecode.
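
The defence quoted above (do not load untrusted bytecode), as an added example that is not part of the original thread: a loader that refuses precompiled chunks and accepts only source text. The helper name `load_text_only` and the sample chunks are assumptions made for illustration.

```lua
-- Added example (not from the thread). Works on Lua 5.1-5.4 and LuaJIT.
local ESC = 27  -- binary chunks start with "\27Lua" (LuaJIT: "\27LJ")

-- load_text_only is a hypothetical helper name.
-- Returns a function, or nil plus an error message.
local function load_text_only(src, chunkname, env)
  if type(src) ~= "string" then
    return nil, "source must be a string"
  end
  -- Reject precompiled chunks before they reach the undump code.
  if src:byte(1) == ESC then
    return nil, "binary chunk rejected"
  end
  -- Empty environment by default: the chunk gets no load, loadstring,
  -- loadfile, dofile or require with which to load bytecode itself.
  env = env or {}
  if setfenv then
    -- Lua 5.1 (and LuaJIT, which keeps setfenv): PUC-Lua 5.1's loadstring
    -- has no mode argument, so the byte check above is the gate.
    local fn, err = loadstring(src, chunkname)
    if not fn then return nil, err end
    return setfenv(fn, env)
  end
  -- Lua 5.2+: mode "t" makes load itself refuse binary chunks as well.
  return load(src, chunkname, "t", env)
end

-- Constructed inputs: one text chunk, one binary chunk made with string.dump.
local text = "return 1 + 1"
local binary = string.dump(function() return 1 + 1 end)

local fn = assert(load_text_only(text, "=text"))
assert(fn() == 2)

local rejected, err = load_text_only(binary, "=binary")
assert(rejected == nil and err == "binary chunk rejected")
print("text chunk ran; binary chunk refused: " .. err)
```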