@rubenflush maybe take a look at encoding and try to ESCAPE the filter
I am able to bypass the firewall restrictions and I can execute some commands. I cannot recover the builtins functions though because access to globals attribute is not possible (python restricted execution mode) . Any hints here or via pm would be nice
@secabit Thanks, I managed to get that part working finally, but now I’m stuck on the same thing as you. When I run my attack against the server locally I can get a reverse shell, but it doesn’t work against the actual box. That also feels like not the intended solution since it’s a web challenge. Feel like I’m missing something obvious.
Really enjoyed this challenge and learned lots about Python 2 (shame that it has just entered EOL so some of the learning feels a bit wasted).
I took to blindfolded sleeping to exfiltrate my flag, one wink at a time. But it looks like there are different ways to do the last step.
As an aside, I dont understand why most people have rated this challenge ‘Brainfuck’. It could have been lots harder - just search for escaping python jails and ctf, there are some truly twisted ones out there.
Finally done. Watch out on every step, when you’ll forget about important things then you will lost a lot of time. It is making this box hard, but I really enjoyed.
oh man this took me ages because of the slow af exfil…
can’t wait to go find some writeups and see if i just did it in a really stupid way lol
EDIT: yeah i wasted hours because of slow exfil ■■■■. there’s a much better way than acting blind
I saw many here posted that their exploit worked locally but not on the remote host. I’m facing the same issue. Any nudge would be appreciated
Finally finished
If anyone else gets stuck with that issue, don’t trust your local python (especially on kali), you docker to run it and then test your exploit.