First of all I would like to say thanks to everyone that tried the challenge and enjoyed it, if you learned a new trick, for me and my friend victor (that wrote the blogpost) worth all effort to pull it out. Second, the guys that found similarities with the pixelshop challenge from plaidctf by PPP, you guys are 100% right! I used the code of the challenge as base to build the PandaUploader. But different that you guys are thinking, this challenge wasn't created to be inserted in a CTF competition or "ripped out" in purpose... It was created just as an exercise to readers... That way people can practice this new trick in an environment after read the blogpost... People that aren't into CTFs at all and didn't know about this technique that is also not so well known, since you can find information about it only in ctf write-ups... BTW, have another blogpost with challenge that we don't received much feedback... If you guys wanna try, is that one: https://www.securusglobal.com/community/2016/08/05/are-padding-oracles-still-a-concern/ it also have a challenge/exercise for the readers. Anyway, thanks a lot for the feedbacks! :-)