{"guid":"6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","title":"Escaping a misleading \"sandbox\": breaking the WebAssembly-JavaScript barrier","subtitle":null,"slug":"why2025-226-escaping-a-misleading-sandbox-breaking-the-webassembly-javascript-barrier","link":"https://program.why2025.org/why2025/talk/NK7YTF/","description":"When embedded into JavaScript, WebAssembly modules can be \"sandboxed\" by defining a limited set of _imports_. It turns out that an obscure \"feature\" allows us to craft an exploit which bypasses this barrier, enabling us to run arbitrary JavaScript code (pop an alert) from within a malicious WASM module. All within spec... by accident?\n\n(Also released as a write-up in Phrack #72)\n\nWhen talking about WebAssembly, the word \"sandbox\" comes up often: modules are isolated from each other, and from the host runtime.\nHence, it is perfectly safe to run untrusted WASM modules (e.g. plugins) in a web-app: the module's interfaces can be limited, making it such that any malicious code has no way of escaping.\n\n... is what I thought.\n\nIn this talk I will show how a sneaky specification detail allows us to program a JavaScript version of a _weird machine_, to eventually escape from WebAssembly into running arbitrary JavaScript code. This trick is fully in-spec and requires no actual browser exploitation (we don't break _that_ sandbox). Hence, this talk should be accessible for anyone with a basic JavaScript understanding. 
No WebAssembly experience is required: I will cover everything required to understand the exploit.\n\nLicensed to the public under https://creativecommons.org/licenses/by/4.0/","original_language":"eng","persons":["Thomas Rinsma"],"view_count":594,"promoted":false,"date":"2025-08-11T11:00:00.000+02:00","release_date":"2025-08-12T00:00:00.000+02:00","updated_at":"2026-04-18T23:30:06.562+02:00","tags":["226","2025","why2025","Hacking","Cassiopeia","why2025-eng","Day 5"],"length":2448,"duration":2448,"thumb_url":"https://static.media.ccc.de/media/events/why2025/226-6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac.jpg","poster_url":"https://static.media.ccc.de/media/events/why2025/226-6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/why2025/226-6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/why2025/226-6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/why2025-226-escaping-a-misleading-sandbox-breaking-the-webassembly-javascript-barrier","url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_title":"What Hackers Yearn 
2025","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025","related":[],"recordings":[{"size":231,"length":2448,"mime_type":"video/webm;codecs=av01","language":"eng","filename":"why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_av1-hd.webm","state":"new","folder":"av1-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-08-12T16:13:06.987+02:00","recording_url":"https://cdn.media.ccc.de/events/why2025/av1-hd/why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_av1-hd.webm","url":"https://api.media.ccc.de/public/recordings/89934","event_url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025"},{"size":37,"length":2448,"mime_type":"audio/mpeg","language":"eng","filename":"why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2025-08-12T15:18:19.109+02:00","recording_url":"https://cdn.media.ccc.de/events/why2025/mp3/why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/89882","event_url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025"},{"size":277,"length":2448,"mime_type":"video/webm","language":"eng","filename":"why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-08-12T16:39:54.654+02:00","recording_url":"https://cdn.media.ccc.de/events/why2025/webm-hd/why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_webm-hd.webm","url":"https://api.media.ccc.de/public/r
ecordings/89945","event_url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025"},{"size":99,"length":2448,"mime_type":"video/webm","language":"eng","filename":"why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-08-12T16:09:52.095+02:00","recording_url":"https://cdn.media.ccc.de/events/why2025/webm-sd/why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/89928","event_url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025"},{"size":92,"length":2448,"mime_type":"video/mp4","language":"eng","filename":"why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-08-12T15:26:25.457+02:00","recording_url":"https://cdn.media.ccc.de/events/why2025/h264-sd/why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_sd.mp4","url":"https://api.media.ccc.de/public/recordings/89894","event_url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025"},{"size":26,"length":2447,"mime_type":"audio/opus","language":"eng","filename":"why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2025-08-12T15:18:23.203+02:00","recording_url":"https://cdn.media.ccc.de/events/why2025/opus/why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_bar
rier_opus.opus","url":"https://api.media.ccc.de/public/recordings/89883","event_url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025"},{"size":302,"length":2448,"mime_type":"video/mp4","language":"eng","filename":"why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-08-12T15:11:18.620+02:00","recording_url":"https://cdn.media.ccc.de/events/why2025/h264-hd/why2025-226-eng-Escaping_a_misleading_sandbox_breaking_the_WebAssembly-JavaScript_barrier_hd.mp4","url":"https://api.media.ccc.de/public/recordings/89875","event_url":"https://api.media.ccc.de/public/events/6a2c3efa-cb53-5cdb-ae3f-40fb6729f3ac","conference_url":"https://api.media.ccc.de/public/conferences/WHY2025"}]}