t0pl

## _safest-eval-writeup.md

      
              5 files
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                t0pl
                / _safest-eval-writeup.md
            
            
              Created
              October 7, 2025 14:17
                — forked from rebane2001/_safest-eval-writeup.md
            
          
    Hack.lu CTF 2023 - Safest Eval (Python jail escape)

Challenge by: realansgar

Writeup by: rebane2001
Overview

The challenge consists of a simple Flask webapp that lets you eval arbitrary Python code in a jail in order to evaluate your solution to a leetcode-style programming challenge. The flag can be retrieved by running the /readflag setuid program. The source code was provided.


## notes.py
# -*- coding: utf-8 -*-
# To list this file sections: $ grep '^"" ' notes.py

"""""""""""""
"" Why Python ?
"""""""""""""
- extremely readable (cf. zen of Python + [this 2013 study](http://redmonk.com/dberkholz/2013/03/25/programming-languages-ranked-by-expressiveness/))
- simple & fast to write
- very popular (taught in many universities)
- has an extremely active development community
	# -- coding: utf-8 --
	# To list this file sections: $ grep '^"" ' notes.py

	"""""""""""""
	"" Why Python ?
	"""""""""""""
	- extremely readable (cf. zen of Python + [this 2013 study](http://redmonk.com/dberkholz/2013/03/25/programming-languages-ranked-by-expressiveness/))
	- simple & fast to write
	- very popular (taught in many universities)
	- has an extremely active development community