Google CTF 2022: Treebox
This is the write-up for Treebox, one of the easier Sandbox Escape challenges from Google CTF 2022.
The challenge statement says, “I think I finally got Python sandboxing right.”, and we’re provided with a hostname/port pair and (conveniently) the source code of the sandbox. The flag is in a file called flag in the current working directory of the sandbox process.