diff --git a/setup.py b/setup.py
index f40109f..84df457 100644
--- a/setup.py
+++ b/setup.py
@@ -2,7 +2,7 @@ from setuptools import setup
 
 setup(
     name="vanwanet_scrape",
-    version="1.1",
+    version="1.2",
     description="VanwaTech DDoS protection bypass",
     author="simon987",
     author_email="me@simon987.net",
diff --git a/vanwanet_scrape/scraper.py b/vanwanet_scrape/scraper.py
index 267f01a..e95eb82 100644
--- a/vanwanet_scrape/scraper.py
+++ b/vanwanet_scrape/scraper.py
@@ -58,13 +58,14 @@ class Scraper:
     @staticmethod
     def _transform_js(js):
         # Print cookie to console instead
-        challenge = SUB_PATTRN.sub(r'console.log("\1");', js)
+        challenge = SUB_PATTRN.sub(r'res="\1";', js)
         return AES + challenge
 
     @staticmethod
     def _execute_challenge(js):
+        js = js.replace("`", "")
+        js = "let sb={};vm = require('vm');vm.runInNewContext(`" + js + "`, sb, {timeout: 3000});console.log(sb.res)"
 
-        # TODO: run in some kind of sandbox
         node = subprocess.Popen(
             ["node", "-e", js], stdout=subprocess.PIPE, stderr=subprocess.PIPE,
             universal_newlines=True