The problem is:
exploit = input('? ')
if eval(b64encode(exploit.encode('UTF-8'))) == math.pi:
print(open('flag.txt').read())
Note that the submitted string will be encoded into UTF-8 and then encoded into Base64.
With Base64 characters, we can write some numbers and operators 0123456789+/
(and hex abcdefABCDEFx
, but wasn't used in my solution).
My teammate azon found that these 4-character unit can be passed the above criteria (written in Base64 characters, can be encoded into UTF-8):
[0-3][4-7][014589][0-9+/]
[4-7][4-7][26+][0-9+/]
With this units, we can write '340/340+340/340+340/340+776/140/140+340/3400'
and this value is 3.1395918367346938
, for example.
Then we wrote a searching program and got flag.