diff --git a/README.md b/README.md
index 4e4df31..cd0179b 100644
--- a/README.md
+++ b/README.md
@@ -40,3 +40,5 @@ Chall:
    --> 30802
 9. kesek-kesek
    --> 30902
+10. tumpuk2
+   --> 31002
diff --git a/tumpuk2/Dockerfile b/tumpuk2/Dockerfile
new file mode 100644
index 0000000..07c69ba
--- /dev/null
+++ b/tumpuk2/Dockerfile
@@ -0,0 +1,38 @@
+# Use ubuntu 16.04
+FROM ubuntu:16.04
+
+#RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
+#RUN apt-get update
+#RUN apt-get update && apt-get install -y apt-transport-https
+#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP/ubuntu14/2.x/updates/2.4.2.0 HDP main' >> /etc/apt/sources.list.d/HDP.list
+#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/ubuntu14 HDP-UTILS main' >> /etc/apt/sources.list.d/HDP.list
+#RUN echo 'deb [arch=amd64] https://apt-mo.trafficmanager.net/repos/azurecore/ trusty main' >> /etc/apt/sources.list.d/azure-public-trusty.list
+
+# install socat editor ssh
+#RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
+#RUN apt-get install socat lib32ncurses5 -y
+RUN apt-get update && apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
+
+RUN adduser --disabled-password --gecos "" ksl
+RUN echo "ksl:sebuahrahasiamas" | chpasswd
+
+ADD chall/. /chall
+WORKDIR /chall
+
+RUN echo 'KSL{R0P_G4dg3t_1s_P0w3rfull}'  > /chall/flag.txt # ubah isi flagnya
+
+# Secure ENV
+
+RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
+RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
+RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
+
+
+RUN chown root:ksl /chall/tumpuk2 # ubah nama file
+RUN chmod 775 /chall/tumpuk2 # ubah nama file
+
+# Run Service
+
+RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/tumpuk2,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
+
+CMD ["/var/tmp/.start.sh"]
diff --git a/tumpuk2/chall/tumpuk2 b/tumpuk2/chall/tumpuk2
new file mode 100755
index 0000000..5ed2560
Binary files /dev/null and b/tumpuk2/chall/tumpuk2 differ
diff --git a/tumpuk2/soal.c b/tumpuk2/soal.c
new file mode 100644
index 0000000..e90607e
--- /dev/null
+++ b/tumpuk2/soal.c
@@ -0,0 +1,31 @@
+//gcc -m32 -mpreferred-stack-boundary=2 -fno-stack-protector -no-pie -fno-builtin -o tumpuk2 soal.c
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+char *pager ="/";
+char *bin = "bin";
+char *sh  = "sh";
+char binsh[8];
+ 
+void flag(int y,int w){
+    if( y == 0xfacebabe && w == 0xbeefdead)
+        system(binsh);
+}
+ 
+void ramuan(int x, char *dest, char *src){
+    if( x == 0xdeadbeef )
+        strcpy(dest,src);
+}
+ 
+void vuln(){
+    char buf[64];
+    printf("Masukkan flag : ");
+    fflush(stdout);
+    gets(buf);
+    printf("flag adalah %s\n", buf);
+}
+ 
+int main(){
+    vuln();
+}