This is the exploit for the challenge. requirements.txt has the Python library necessary (Pillow and pwntools).
exploit.py is the main exploit, send it IP address and port:
python2 exploit.py localhost:31337
As this exploit leaks the flag via a screenshot, it does a simple check to verify that the flag is there and then output the correct flag.
If you want to manually verify the exploit, in exploit.py change DEBUG = False to DEBUG = True, and each screenshot that the challenge sends will be displayed on your computer.
client.py is a simple front-end for the service, and it shows all the screenshots as they are sent.