diff --git a/injection2/description.md b/injection2/description.md
new file mode 100644
index 0000000..5bd1e59
--- /dev/null
+++ b/injection2/description.md
@@ -0,0 +1 @@
+I've told my friend a billion times that the user called `leet1337` doesn't exist on this [website](http://injection2.web.easyctf.com), but he won't listen. Could you please login as this user, even though it doesn't exist in the database? Oh and also, make sure that the user has a power level over 9000!!!!
\ No newline at end of file
diff --git a/injection2/grader.py b/injection2/grader.py
new file mode 100644
index 0000000..1e1ad00
--- /dev/null
+++ b/injection2/grader.py
@@ -0,0 +1,4 @@
+def grade(autogen, key):
+    if key.find("reUNI0Ns_are_alw4ys_s0_em0t1onal") != -1:
+        return True, "Nice 1337 heccker skillz!"
+    return False, "Nah. Keep trying though."
diff --git a/injection2/problem.yml b/injection2/problem.yml
new file mode 100644
index 0000000..f07071e
--- /dev/null
+++ b/injection2/problem.yml
@@ -0,0 +1,7 @@
+author: dududum561 & mzhang
+title: SQL Injection 2
+hint: The columns in the table are (not in order) username, password, power_level, and a unique id.
+category: Web
+autogen: false
+programming: false
+value: 150