Your mission is now to maintain access to the solution boards for the Z challenges.
Your plan is to gather information about the challenge solutions and gain more points on WeChall.net.
Because Z is a naive, click-before-think guy, he clicks on every link you send him.
Your plan is to send Z a malicious, but innocent looking link, and once he logs in WeChall, you will be able to login in the credentials of Z - and read the solution boards as well.
Gizmore did a good job against XSS and CSRF, so you have to find another flaw to log in.
After examining the WeChall source code, you found a hidden login page for the Z solution boards.Goto LoginGoto Secret Forum
© 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 and 2017 by Z