Fix Us (Exploit, PHP)
Fixus
Your mission is now to maintain access to the solution boards for the Z challenges.
Your plan is to gather information about the challenge solutions and gain more points on WeChall.net.
Because Z is a naive, click-before-think guy, he clicks on every link you send him.
Your plan is to send Z a malicious, but innocent looking link, and once he logs in WeChall, you will be able to login in the credentials of Z - and read the solution boards as well.
Gizmore did a good job against XSS and CSRF, so you have to find another flaw to log in.
After examining the WeChall source code, you found a hidden login page for the Z solution boards.
Goto Login
Goto Secret Forum
Your plan is to gather information about the challenge solutions and gain more points on WeChall.net.
Because Z is a naive, click-before-think guy, he clicks on every link you send him.
Your plan is to send Z a malicious, but innocent looking link, and once he logs in WeChall, you will be able to login in the credentials of Z - and read the solution boards as well.
Gizmore did a good job against XSS and CSRF, so you have to find another flaw to log in.
After examining the WeChall source code, you found a hidden login page for the Z solution boards.
Goto Login
Goto Secret Forum