New Challenge, new scoring system, some more hints, and more hacking
We have just released a new challenge, namely script gadgets. Please find it in the jeopardy part of the scoreboard. This might require some more time than other challenges.
Given this and also the fact that certain challenges are just harder than others, we have decided to change the scoring system (for the scoreboard only, not for the admission to the exam!). In particular, certain challenges (we'll not tell you which though :)) give more points than others (default is 128 points, the harder ones yield 256). Furthermore, there is now a first blood bonus for the first three students to solve each challenge (+20%, +10%, and +5%). Again, this is only for the scoreboard, not the admission. We have already retroactively updated your scores for the previous challenges.
We have also added another hint for base href, where it was not clear how to get to the flag (unless you had done unsafe hashes before, as it is basically the same application).
And, finally, if you liked the challenges thus far and want to spend more time hacking stuff, our local CTF team saarsec is playing ruCTFe (https://ructfe.org/) on Saturday. It's not all Web, but all hack, so you are welcome to join. If you want to, join us in 0.01 from around 10am (CTF starts at 11am) and bring a LAN adapter (if need be) for your laptop.