The Eluware 1 challenge was quite simple. A copy of a website was displayed with a malicious www.malware.com/md5.js script added to it. The script contained a flag() function, which when called from the Js console returned the flag to be submitted. Probably the easiest 100 points I ever got in a challenge.