Bytecode Breakdown: Unraveling Factorio’s Lua Security Flaws

The author shares how they discovered and exploited a Lua vulnerability in Factorio, explaining the impact on clients and the potential danger of executing untrusted Lua code. They discuss Factorio’s use of Lua for game logic and mods, emphasizing the risks of exposing the Lua interpreter to network attacks. The post details bytecode execution, memory corruption, and the power of fake objects in Lua exploitation, highlighting the complexity and challenges of manipulating bytecode. It explores the potential to leak addresses through type confusion in loops, showing how deep the vulnerability runs in the Lua implementation. It also shares unique insights into Lua bytecode manipulation, exposing the risks of executing untrusted scripts.

https://memorycorruption.net/posts/rce-lua-factorio/
