In light of the reported scams using malicious
/run or
/dump commands and Blizzard's shortsighted warning message, I've taken up the task of developing an addon that places user-generated code from these commands (and possibly other addons enabling user-generated code to be run) into a virtual environment.
I
hinted on this earlier, using an experimental proxy system in an isolated shared environment.
To distinguish the two environments, the UI runs in the host environment while scripts run in the virtual environment. Proxies are empty tables in the virtual environment that use metatables to create read-only links to their equivalents in the host environment. Any writes attempted are caught by the proxy and stored in the virtual table instead of affecting the host. Using this method also allows the proxies to intercept indexing operations that return host-side tables and return replicated proxies of them instead. It's also possible to intercept and modify the behavior of functions referenced by their pointers or even deny access whether by refusing to serve the function or returning a no-op.
Included below is a sample implementation of this proxy system as a prototype. This modifies
loadstring() to return its functions set to the virtual environment and rewrites
RunScript() to use this. This change can be reverted by running
setfenv(func,_G) on the returned function from
loadstring() before running it (of course, this can't be done by the script being run).
If anyone has any ideas on which additonal functions I should block or modify, let me know. The ones covered are referenced in the
Redirects table. As the table is indexed by function pointer, frame methods should cover all frames.
Edit1: Fixed orphaned reference to
ProxyLookup in the new
loadstring().
Edit2: Fixed potential security vulnerability with unhandled
Frame:GetParent().
-=Disclaimer=-
This addon is designed to prevent granting foreign access to your game client. This is
not meant to prevent people from wiping out their own inventory or similar effects. While this addon does support the capability of blocking those functions, it's not meant to be a babysitter. Use caution running scripts from unknown people.
Linear Mode
