This solution was not expected by the organisers. It reveals how a XSS may lead to a very effective phishing attack. A very fun way to solve this web challenge :)

Original writeup (https://0x90r00t.com/2016/07/24/abctf-2016-se-and-xss-the-art-of-phishing-and-trolling/).