沙箱逃逸 ¶
In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures and/or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as storage and memory scratch space.
———— Wikipedia
Abstract
CTF 中有一些题目会提供一个沙箱来运行你的代码,需要逃逸出这个沙箱来执行一些代码来获取服务器中存储的 flag
这里写一些常见的通用的沙箱逃逸方法
Table of Contents¶
最后更新:
2023年2月24日 18:45:05
创建日期: 2022年1月10日 16:56:12
创建日期: 2022年1月10日 16:56:12