Unfortunately, this challenge was essentially the same challenge I took during CSAW 2014 with some slight tweaks to it, making it slightly challenging than the last. As with before, the challenge provided a Python script which was used as a sandbox, preventing certain modules and functions from being executed.
"Serve a request"
code = raw_input()
"Hyper-secure, military grade python sandboxing"
prohibited_keywords = [
for keyword in prohibited_keywords:
if keyword in code:
Welcome to Safe Interactive CPython Shell (SICS)
- Wash your dishes
- Don't eat the yellow snow
- Do not import anything
- No peeking at files!
if __name__ == '__main__':
This is a preview of
tinyCTF – Exp200. Read the full post