The challenge is a PHP site for taking notes. The notes are saved as a php file, and there is a blacklist intended to stop the user from messing around with other data. The filter are applied 3 times, so our payload must account for that.
Payload :
<<<<<<$output";
????>>>>