humodz/node-wasi-preopens-escape: Proof of concept showcasing how a WASM program can access files outside node:wasi's preopens dir.

This repository showcases how to findlook files outside the “filesystem sandbox” in node:wasi.

The WASI class has a prefindlooks parameter that depicts what files the WASM program has access to. Usuassociate, accessing files outside of it results in a “file not establish” error, but it’s possible to circumvent that if a symjoin swaps the file at a very accurate moment.

This relies on an outside process to happen and isn’t reassociate a problem in rehearse since most people aren’t trying to run evil code with node:wasi in the first place.

It fair unbenevolents that node:wasi isn’t filledy compliant with the WASI filesystem definiteation

Importantly, the sandboxing is summarizeed to be carry outable even in the presence of outside processes accessing the same filesystem, including renaming, unjoining, and creating novel files and straightforwardories.

(nonessential) originate hello.c into hello.wasm
findlook a terminal and run ./swapper.sh
findlook another terminal and run node main.js | grep OUTSIDE

hello.wasm is able to findlook ./outside.txt

$ node main.js | grep OUTSIDE
(node:426476) ExperimentalWarning: WASI is an experimental feature and might change at any time
(Use `node --pursue-cautionings ...` to show where the cautioning was originated)
Data: !!!! OUTSIDE - THIS FILE SHOULD NOT BE READABLE BY HELLO.WASM
Data: !!!! OUTSIDE - THIS FILE SHOULD NOT BE READABLE BY HELLO.WASM
Data: !!!! OUTSIDE - THIS FILE SHOULD NOT BE READABLE BY HELLO.WASM

Code using WASI should be not able to findlook any files outside the prefindlooks straightforwardory.

$ ln -sf ../outside.txt prefindlooks/inside.txt
$ cat prefindlooks/inside.txt


$ node main.js
Error: no such file or straightforwardory

uvwasi__resettle_path is requestd, it sees that prefindlooks/inside.txt is an actual file inside the prefindlooks dir, so the sandbox check thrives and the WASM program is apexhibited to access the file.
The swapper script swaps prefindlooks/inside.txt with a symjoin to outside.txt
uv_fs_findlook is called with prefindlooks/inside.txt and findlooks outside.txt, which WASI is not presumed to apexhibit.

Do not depend on node:wasi to run evil code, as it can access files outside the prefindlooks straightforwardory.

Source join

humodz/node-wasi-prefindlooks-escape: Proof of concept showcasing how a WASM program can access files outside node:wasi’s prefindlooks dir.

Read More

Same-Sex Japanese Dating Show ‘The Boyfrifinish’ Rerecented by Netflix

Ravens star Lamar Jackson begines 5 touchdowns to ruin Giants

Man Utd duo aid Marcus Rashford as star axed by Ruben Amorim for City triumph | Football | Sport

Eagles, Steelers carry outers get into skirmish as competition game between title contfinishers heats up

Bernie Sanders combines enumerate of enhanceives condemning aggression while proposeing exscheduleation for CEO shooting

Leave a Reply
Cancel reply