[Week1]calc_jail_beginner_level2.5(JAIL)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

#the length is be limited less than 13
#it seems banned some payload
#banned some unintend sol
#Can u escape it?Good luck!

def filter(s):
BLACKLIST = ["exec","input","eval"]
for i in BLACKLIST:
if i in s:
print(f'{i!r} has been banned for security reasons')
exit(0)

WELCOME = '''
_ _ _ _ _ _ _ ___ _____
| | (_) (_) (_) | | | |__ \ | ____|
| |__ ___ __ _ _ _ __ _ __ ___ _ __ _ __ _ _| | | _____ _____| | ) | | |__
| '_ \ / _ \/ _` | | '_ \| '_ \ / _ \ '__| | |/ _` | | | |/ _ \ \ / / _ \ | / / |___ \
| |_) | __/ (_| | | | | | | | | __/ | | | (_| | | | | __/\ V / __/ |/ /_ _ ___) |
|_.__/ \___|\__, |_|_| |_|_| |_|\___|_| | |\__,_|_|_|_|\___| \_/ \___|_|____(_)____/
__/ | _/ |
|___/ |__/
'''

print(WELCOME)

print("Welcome to the python jail")
print("Let's have an beginner jail of calc")
print("Enter your expression and I will evaluate it for you.")
input_data = input("> ")
filter(input_data)
if len(input_data)>13:
print("Oh hacker!")
exit(0)
print('Answer: {}'.format(eval(input_data)))


Unicode 欺骗
https://www.tr0y.wang/2019/05/06/Python%E6%B2%99%E7%AE%B1%E9%80%83%E9%80%B8%E7%BB%8F%E9%AA%8C%E6%80%BB%E7%BB%93/#%E6%9E%81%E7%AB%AF%E9%99%90%E5%88%B6
好棒的博客

[WEEK2]calc_jail_beginner_level5(JAIL)

1
#It\'s an challenge for jaillevel5 let\'s read your flag!\nimport load_flag\n\nflag = load_flag.get_flag()\n\ndef main():\n    WELCOME = \'\'\'\n  _                _                           _       _ _ _                _ _____ \n | |              (_)                         (_)     (_) | |              | | ____|\n | |__   ___  __ _ _ _ __  _ __   ___ _ __     _  __ _ _| | | _____   _____| | |__  \n | \'_ \\ / _ \\/ _` | | \'_ \\| \'_ \\ / _ \\ \'__|   | |/ _` | | | |/ _ \\ \\ / / _ \\ |___ \\ \n | |_) |  __/ (_| | | | | | | | |  __/ |      | | (_| | | | |  __/\\ V /  __/ |___) |\n |_.__/ \\___|\\__, |_|_| |_|_| |_|\\___|_|      | |\\__,_|_|_|_|\\___| \\_/ \\___|_|____/ \n              __/ |                          _/ |                                   \n             |___/                          |__/                                                                                                                                                                     \n\'\'\'\n    print(WELCOME)\n    print("It\'s so easy challenge!")\n    print("Seems flag into the dir()")\n    repl()\n\n\ndef repl():\n    my_global_dict = dict()\n    my_global_dict[\'my_flag\'] = flag\n    input_code = input("> ")\n    complie_code = compile(input_code, \'<string>\', \'single\')\n    exec(complie_code, my_global_dict)\n\nif __name__ == \'__main__\':\n    main()
作者

UPON2021

发布于

2022-10-12

更新于

2022-10-12

许可协议

评论

:D 一言句子获取中...

加载中,最新评论有1分钟缓存...