Python Jail Escapes
At the meeting of my CTF team I gave a talk about Python jail escapes.
I.e., CTF challenges where there is only a very limited execution environment and the goal is to get unrestricted code execution, e.g. executing os.system('cat flag.txt')
.
While I have the slides, I think reading the blog post on the KITCTF blog with all the examples I wrote for the talk is much more insightful.
It is meant to serve as a practice problems for everyone who wants to get started with exploiting Python jails.
If you want to see a slightly more complex example of a Python jail escape, check out my other blog post.