I smuggle HTTP/2 cleartext requests past NGINX to reach a restricted endpoint, then use shell expansion to read the flag under a strict character filter.
I bypass a Jinja2 sanitizer by splitting a payload across two form fields, then chain Flask's request object to reach subprocess and execute commands.
