Why does this malicious code work? (Lua, FFI)
Below is a sandboxed Lua script that uses FFI to execute malicious C code. A fixed memory address is used to load a windows function GetProcAddress which is subsequently used to run a powershell script.
What I am confused about is address …