# Mario bros!

![Screenshot of challenge](https://584771571-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FGhn0OSf58IrV71Z387bZ%2Fuploads%2FHtHWppXZ7ISPOMDaFJVj%2Fimage.png?alt=media\&token=8f147ad6-c41e-4d48-8e33-bc059f85ed30)

### Description

Read the flag!

`nc 159.223.209.120 7777`

### Hint

Mario's favorite shortcut!

### Writeup

When you run the program it will look something like this

![output](https://584771571-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FGhn0OSf58IrV71Z387bZ%2Fuploads%2FjAmBniL53innEl6pnx7Q%2Fimage.png?alt=media\&token=228ba32d-2836-4d6b-b00f-0c26bda5ab4b)

So, from this we can notice one thing, it is taking input and printing the same input. We can find printing or formatting vulnerabilities.

Yes, we know such payload: `& cat flag.txt`

![& cat flag.txt](https://584771571-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FGhn0OSf58IrV71Z387bZ%2Fuploads%2FrTYWRHod3QRJWTIsPD6W%2Fimage.png?alt=media\&token=7a31aa7f-7e72-4df6-b732-99c8e2b57f2a)

And boom, we got the flag 🎉

### Flag

`EZ-CTF{UNSECUR3_B4SH}`