[kwesthaus]

Same. As far as I can tell, none of the usual restricted shell escape tricks work, so you just have to search through all the binaries on the system until you find one you can abuse to print the file contents, and that seems like more of a time sink than it's worth.

[grafporno]

env /bin/busybox strings README.flag

[scrollaway]

Nice one! Was wondering if there would be a way to call BusyBox with one of the missing binaries.

[shripadk]

Use iconv.

[archgoon]

LOL; I used split in the temp directory to create files of a single byte each and ran md5sum on them.

That's quite a bit more straightforward :)

[shripadk]

Well I spent an hour trying out as many commands as possible before giving up. Then came across this comment: https://news.ycombinator.com/item?id=20252612 and went through his Twitch recordings to see if he could get past this stage. That is how I learnt about iconv. :)

[redbluething]

Hehe. I kinda love this though :P

[RaptorJ]

shuf also works (its in /usr/bin) -- this took me a ~long~ time to figure out