diff --git a/vendor/nsjail/context/inject-flag.sh b/vendor/nsjail/context/inject-flag.sh
new file mode 100644
index 0000000..d82e000
--- /dev/null
+++ b/vendor/nsjail/context/inject-flag.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+export MODE=ONCE
+read FLAG
+export TMP_PARAMS="$TMP_PARAMS"$(cat <<-END
+, {
+ dst: "/flag",
+ src_content: $(echo "${FLAG@Q}")
+ }
+END
+)
+nsjail --config <(echo "$CONFIG" | envsubst)
diff --git a/vendor/nsjail/context/nsjail-user.sh b/vendor/nsjail/context/nsjail-user.sh
index 6b10a75..7253df8 100644
--- a/vendor/nsjail/context/nsjail-user.sh
+++ b/vendor/nsjail/context/nsjail-user.sh
@@ -2,7 +2,7 @@
 # idempotency ftw
 CONFIG_FILE="/home/ctf/nsjail.cfg"
-CONFIG=`cat "$CONFIG_FILE"`
+export CONFIG=`cat "$CONFIG_FILE"`
 # check and set default env vars
 export MODE=${MODE:-LISTEN}
@@ -21,7 +21,7 @@ TMP_ENABLED=${TMP_ENABLED:-0}
 TMP_SIZE=${TMP_SIZE:-5000000}
 if [ $TMP_ENABLED -eq 1 ]; then
- export TMP_PARAMS=$(cat <<-END
+ export TMP_PARAMS=$(cat <<-END
 , {
 dst: "/tmp",
 fstype: "tmpfs",
@@ -29,6 +29,7 @@ if [ $TMP_ENABLED -eq 1 ]; then
 is_bind: false,
 rw: true
 }
+ END
 )
 fi
@@ -41,5 +42,9 @@ if [ -f "/sys/fs/cgroup/cgroup.controllers" ]; then
 fi
 fi
-nsjail --config <(echo "$CONFIG" | envsubst) --env FLAG
+if [ "$MODE" == "LISTEN_INJECT_FLAG" ]; then
+ /docker-init/inject-flag.sh
+else
+ nsjail --config <(echo "$CONFIG" | envsubst) --env FLAG
+fi
diff --git a/vendor/nsjail/dockerfiles/Dockerfile.debian b/vendor/nsjail/dockerfiles/Dockerfile.debian
index 315fd82..7c23671 100644
--- a/vendor/nsjail/dockerfiles/Dockerfile.debian
+++ b/vendor/nsjail/dockerfiles/Dockerfile.debian
@@ -32,6 +32,7 @@ RUN dpkg --add-architecture i386 \
 python3-venv \
 python3-gmpy2 \
 nano \
+ socat \
 $LIBPROTOBUF_VERSION \
 libnl-route-3-200 \
 libc6:i386 \
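Review bot: In inject-flag.sh, `${FLAG@Q}` quotes for bash rather than for the nsjail config syntax, so in `src_content: $(echo "${FLAG@Q}")` a flag containing a single quote, backslash or control character comes out as `'\''` or `$'…'` fragments and whatever follows is parsed as config instead of flag content. If the line read from stdin can ever be influenced by anyone other than the flag provisioner, that changes the mount list; even with a trusted sender it fails in a confusing way. Read the value with `IFS= read -r FLAG` (plain `read` trims surrounding whitespace and interprets backslashes) and reject anything outside the expected flag alphabet before building `TMP_PARAMS`, for example `[[ $FLAG =~ ^[A-Za-z0-9_{}-]+$ ]] || exit 1`. The `$(echo …)` wrapper is also unnecessary, since `${FLAG@Q}` expands directly inside the unquoted here-document.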
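Review bot: In nsjail-user.sh (hunk `@@ -29,6 +29,7 @@`), the added `END` line closes the `<<-END` here-document only if its indentation is made of tab characters, because `<<-` strips leading tabs and nothing else. The whitespace cannot be recovered from this page, so it is worth confirming, for example with `bash -n nsjail-user.sh`, which should report a here-document that runs to end of file. The same holds for the `END` line in inject-flag.sh. The enclosing `if [ $TMP_ENABLED -eq 1 ]` block starts outside this hunk.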
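Review bot: In nsjail-user.sh (hunk `@@ -41,5 +42,9 @@`), the new `LISTEN_INJECT_FLAG` branch is undocumented, and the two branches now deliver the flag differently: the `else` path passes it with `--env FLAG`, while inject-flag.sh reads it from stdin and mounts it at `/flag`. A comment above the `if` would record that, for example `# LISTEN_INJECT_FLAG: flag is read from the first line of stdin and mounted at /flag; FLAG is not passed through --env in this mode`. Unless `MODE` is validated in a part of the script this hunk does not show, any unrecognised value silently takes the `else` branch, so a misspelt mode name falls back to the environment-variable path without an error.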
@@ -41,7 +42,7 @@ RUN dpkg --add-architecture i386 \
 COPY --from=build /nsjail/nsjail /usr/bin/nsjail
 RUN useradd -r -m ctf
-COPY docker-entrypoint.sh nsjail-launcher.sh nsjail-user.sh nsjail-config-cgroups.sh /docker-init/
+COPY docker-entrypoint.sh nsjail-launcher.sh nsjail-user.sh nsjail-config-cgroups.sh inject-flag.sh /docker-init/
 RUN chmod +x /docker-init/*
 ENTRYPOINT ["/docker-init/docker-entrypoint.sh"]
diff --git a/vendor/nsjail/dockerfiles/Dockerfile.ubuntu b/vendor/nsjail/dockerfiles/Dockerfile.ubuntu
index 390f870..24e80f8 100644
--- a/vendor/nsjail/dockerfiles/Dockerfile.ubuntu
+++ b/vendor/nsjail/dockerfiles/Dockerfile.ubuntu
@@ -32,6 +32,7 @@ RUN dpkg --add-architecture i386 \
 python3-gmpy2 \
 python3-pip \
 nano \
+ socat \
 $LIBPROTOBUF_VERSION \
 libnl-route-3-200 \
 libc6:i386 \
@@ -41,7 +42,7 @@ RUN dpkg --add-architecture i386 \
 COPY --from=build /nsjail/nsjail /usr/bin/nsjail
 RUN useradd -r -m ctf
-COPY docker-entrypoint.sh nsjail-launcher.sh nsjail-user.sh nsjail-config-cgroups.sh /docker-init/
+COPY docker-entrypoint.sh nsjail-launcher.sh nsjail-user.sh nsjail-config-cgroups.sh inject-flag.sh /docker-init/
 RUN chmod +x /docker-init/*
 ENTRYPOINT ["/docker-init/docker-entrypoint.sh"]