- 5.2, 2016: https://apocrypha.numin.it/talks/lua_bytecode_exploitation.p... (9MB PDF)
- 5.2, 2016: https://github.com/erezto/lua-sandbox-escape
- 5.1, 2015: https://www.corsix.org/content/malicious-luajit-bytecode (warning: dense)
There's a "luarop" link (boop.i0i0.me/blog.lua/luarop) referenced in the PDF, but the link sadly seems to have died (IA never crawled the domain).
Do any of them work without needing to load arbitrary bytecode, which is known to be insecure?
And presumably not.
- 5.2, 2016: https://apocrypha.numin.it/talks/lua_bytecode_exploitation.p... (9MB PDF)
- 5.2, 2016: https://github.com/erezto/lua-sandbox-escape
- 5.1, 2015: https://www.corsix.org/content/malicious-luajit-bytecode (warning: dense)
There's a "luarop" link (boop.i0i0.me/blog.lua/luarop) referenced in the PDF, but the link sadly seems to have died (IA never crawled the domain).