Great challenge, took me 2 days to solve it. I learned a lot about the authentication system used in the web application. There is one thing i did not understand though:
I had to specify the management system in the tool i’ve used to obtain the flag. Otherwise the tool would not detect the vulnerability. Usually the tool does this automatically but not in this case. Is it because of the custom script I had to create for the tool or am I missing something?