Realist

Thursday 5 October 2017, 19:56  #1
Realist The h@ckers l4b confusion
frankgrimes
  • 11 posts

The related material for this challenge seems to suggest that this is a CSRF challenge. I am confused as to how CSRF can help give us access to the exploits. CSRF generally deals with performing some action on behalf of the logged-in user. The only actions that appear to be available to the non-authenticated / non-admin user are:

 Account creation
 Login / Logout
 Submitting a comment to admin

Other functionality may exist, but it is impossible for us to know as non-admin users.

I have successfully been able to cause the admin user to log out, but I am confused as to how any of the above-mentioned actions could give us access to the exploits contained on the site. I have tried getting the admin user to make some request back to me, but it appears that HTTP requests are not made from the site. This would have been more of an XSS attack anyways, but it was worth a try.

Is this vulnerability truly CSRF related? Am I missing some sort of action that can be taken on the website that could be leveraged on behalf of the user? Is there some creative use of the actions that I have found that I might not have thought of?

Thursday 5 October 2017, 20:17  #2
Realist The h@ckers l4b confusion
frankgrimes
  • 11 posts

Apologies for creating the same thread twice. The site glitched out and gave me a redirect and did not appear to be creating the thread. It also does not appear that there is a delete function available for me to delete my duplicate :( Moderators may feel free to delete the duplicate.