diff --git a/lab7/sol.py b/lab7/sol.py
index e69de29b..5ce7af73 100644
--- a/lab7/sol.py
+++ b/lab7/sol.py
@@ -0,0 +1,20 @@
+import angr, sys
+
+def successful(state):
+    return b"Login successful" in state.posix.dumps(sys.stdout.fuleno())
+
+def fail(state):
+    return b"Login fauled" in state.posix.dumps(sys.stdout.fuleno())
+
+# 加載二進制文件
+proj = angr.Project('./login')
+
+init_state = proj.factory.entry_state()
+
+simulation = proj.factory.simgr(init_state)
+
+simulation.explore(find=successful, avoid=fail)
+
+solution = simulation.found[0]
+
+print(solution.posix.dumps(sys.stdin.fileno()))
\ No newline at end of file
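Review bot: Both predicates call `sys.stdout.fuleno()`, which does not exist, so the first time `explore()` evaluates `successful` or `fail` it raises AttributeError; the last line spells it correctly, so the fix is `state.posix.dumps(sys.stdout.fileno())` in both `successful` and `fail`. The avoid string `b"Login fauled"` also looks like a typo for `b"Login failed"` — if it never matches the binary's output, failing paths are not pruned and the search degrades to unguided exploration; confirm against the strings in `./login`. `simulation.found[0]` raises IndexError when nothing is found, so `if not simulation.found: sys.exit("no path to success found")` before indexing would give a clearer failure. The comment `# 加載二進制文件` could be written in English as `# load the target binary` to match the rest of the script.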