n ko so pa to ma to pa so ko n
Beginner Hint: What Is Jail? (AI-translated)
- AlpacaHack currently focuses on four categories: Crypto, Pwn, Rev, and Web. Challenges from other fields are classified under the Misc category.
- This challenge belongs to the Misc category, and more specifically, it is one of the challenges called Jail.
- Jail sometimes appears as its own independent category, including in SECCON Quals.
- Jail challenges are themed around escaping from some kind of restricted execution environment, or "jail."
- If you can take advantage of imperfections in the given environment or restrictions and perform an unintended action, you can obtain the flag.
- Jail challenges related especially to Python language features are called Pyjail.
Beginner Hint: First Step (AI-translated)
- If you read the script, you can see that after checking whether the input is a palindrome, it executes that input with
eval. flag.txtis placed at./flag.txtby theDockerfile.- First, think about an easier version of this challenge where the palindrome-checking
assertstatement does not exist. - In that case, you could simply input
print(open("flag.txt").read())to read the flag. - While keeping in mind the question "How can I construct a palindromic payload?", try looking into Python language features and experimenting locally to observe their behavior.