This is a straightforward echo server with a bare buffer overflow vulnerability. Stack canary is not enable, and there is even a hidden print-flag function in the binary. So, just overflow the return address and jump to the target in the old-school fashion. To trigger the
ret, we need to enter a string whose position 0, 1, 2, 4 are s, t, o, p respectively.
from pwn import *