A hacker found a sec hole in our online python class 🙁 He read our secret file which contains the secret way of milking a snake! After hunting him down, we fixed the hole so no one will ever milk a snake again http://chal.noxale.com:8001

This challenge is very similar to the “Python For Fun” challenge, but this time they have blacklisted lots of builtin functions and modules like __import__, os, open, getattr, etc. Therefore, I started with listing all classes that inherit from the object class.

The class ‘os._wrap_close’ looked interesting since it may have access to other functions from os module.

Let’s see what globals does __init__ hold inside.

Nice! It has the listdir function. However, there is an even better option, which is the system function. Let’s use it to run ls command first.

Again, we have the file FLAG in the working directory. Let’s use cat FLAG to print the contents of it.

Here we have the flag noxCTF{py7h0n_15_6r347}.