Writeups by team perfect blue
SW Expert Academy
In this challenge, we are given an online code challenge website where we can compile and run code, and we get the output of how many test cases were passed.
The obvious things such as open/execve and other risky commands were filtered, however we could use syscall. Using this, we can basically do a open/read to read the flag file.
Since we don't get direct output, but only a boolean array of which testcases passed, we can use this information to extract the flag 3 bits at a time.
import requests