The challenge uses the Django framework to host a website, and a binary service written in C++ provides data access.
The web service only has one potential vulnerability. It uses Django-redis to store session data. This library uses pickle to serialize data. This is vulnerable if an attacker is able to control both the cache key and data.
Luckily the provided binary service can do them all. You are able to write a blog(cache content) controllable. So the only problem is about the cache key. One obvious difference between the binary and the common ones is, it's compiled with AddressSanitizer to detect memory corruption bugs. And we can check the binary service output from the web interface, even its stderr!
The idea is to retrieve sensitive data from ASAN's bug report. I leave an easy-