Rating:

The vulnerability resides in ``input()`` function, that allows us to inject code.
Run solve.py and get your flag.

Original writeup (https://github.com/TrollzorFTW/writeups/tree/master/bsidesbos/warmups/y2k).