| Author |
HBH Doesn't like my packet |
deathrape
Member
Posts: 115
Location:
Joined: 19.03.05
Rank: Wiseman |
|
THE PACKET I SENT:
POST /challenges/timed/timed2/index.php HTTP/1.1
Host: www.hellboundhackers.org
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)
Content-type: application/x-www-form-urlencoded
Content-length: 9
Set-Cookie: removed
test=test
THE PACKET I RECIEVED
HTTP/1.1 200 OK
Date: Sat, 01 Sep 2007 16:26:27 GMT
Server: Apache/2.0.54 (Fedora)
X-Powered-By: PHP/5.0.4
Set-Cookie: PHPSESSID=31c23ld8eb4ijbbr71dthg1902; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 345
Connection: close
Content-Type: text/html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html>
<head>
<title>Malformed Request</title>
</head>
<body>
<h1>Malformed Request</h1>
<p>Please check that no referer spoofing applications are active and try again.</p>
<hr/>
<address>Apache/2.0.54 (Fedora) Server at www.hellboundhackers.org Port 80</address>
</body>
</html>
What's wrong with the packet I sent?
Workers of the world, UNITE! You have nothing to lose but your chains!
And the riot be the rhyme of the unheard! |
|
| Author |
RE: HBH Doesn't like my packet |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
Despite what that error message says, you actually DO need to spoof your referrer to get your submission to work. so use:
curl_opt($yourvar, CURLOPT_REFERER, $yourdata)
and it should return the page. |
|
| Author |
RE: HBH Doesn't like my packet |
rumburak
Member
Posts: 47
Location:
Joined: 24.07.07
Rank: Elite |
|
Didn't try timed but I've got similar reply when trying the other
The site is checking if you are logged in
and if referer is from challenge page ( here .../timed2/index.php )
|
|
|
| Author |
RE: HBH Doesn't like my packet |
deathrape
Member
Posts: 115
Location:
Joined: 19.03.05
Rank: Wiseman |
|
|
rumburak wrote:
Didn't try timed but I've got similar reply when trying the other
The site is checking if you are logged in
and if referer is from challenge page ( here .../timed2/index.php )
I don't think it's checking if I'm logged in: that's not very logical. If it was, it wouldn't give me a 'malformed request' error.
lesserlightsofheaven wrote:
Despite what that error message says, you actually DO need to spoof your referrer to get your submission to work. so use:
curl_opt($yourvar, CURLOPT_REFERER, $yourdata)
and it should return the page.
I'm not using curl. I'm writing the packet manually, then using sockets:
function makePacket($host, $page, $agent, $cookie, $data)
{
#Generate the packet
$packet = "POST ".$page." HTTP/1.1\r\n";
$packet .= "Host: ".$host."\r\n";
$packet .= "User-Agent: ".$agent."\r\n";
$packet .= "Content-type: application/x-www-form-urlencoded\r\n";
$packet .= "Content-length: 0\r\n"; /*strlen($data)*/
$packet .= "Set-Cookie: ".$cookie."\r\n";
$packet .= "\r\n";
$packet .= $data;
#return packet
return $packet;
}
Sure enough, it's the referrer! That's rather odd, I suppose it has to do with the POST attribute. This packet works just fine:
POST /index.php HTTP/1.1
Host: www.hellboundhackers.org
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)
Referer: http://hellboundhackers.org/forum/viewthread.php
Content-type: application/x-www-form-urlencoded
Content-length: 0
Set-Cookie: REMOVED
test=test
Workers of the world, UNITE! You have nothing to lose but your chains!
And the riot be the rhyme of the unheard!
Edited by deathrape on 01-09-07 21:20 |
|
|
| Author |
RE: HBH Doesn't like my packet |
rumburak
Member
Posts: 47
Location:
Joined: 24.07.07
Rank: Elite |
|
Well, yes you have to login in to access
http://www.hellboundhackers.org/challenges/timed/index.php
but you can access subdirectories without being logged
for referer I use Modify Headers in Firefox
|
|
|
| Author |
RE: HBH Doesn't like my packet |
deathrape
Member
Posts: 115
Location:
Joined: 19.03.05
Rank: Wiseman |
|
|
rumburak wrote:
Well, yes you have to login in to access
http://www.hellboundhackers.org/challenges/timed/index.php
but you can access subdirectories without being logged
for referer I use Modify Headers in Firefox
Seeing as my PHP scblockedript is crafting the packet and not firefox, I doubt a firefox addon would be much help.
And, obviously you have to be logged in. That's why I set to cookie in the packets. I just didn't add the atual cookie there for obvious reasons.
Workers of the world, UNITE! You have nothing to lose but your chains!
And the riot be the rhyme of the unheard! |
|
|
| Author |
RE: HBH Doesn't like my packet |
mido
Member
Posts: 613
Location: Cairo, Egypt
Joined: 27.01.07
Rank: God |
|
For timed 2, as an example :
$header = array();
$header[] = "REFRER: http://hellboundhackers.org/challenges/timed/timed2/index.php";
$header[] = "Cookie: <yourcookiehere>";
ect...etc...
//rest of code
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
//That'd be better than defining the referer in cURL.
Edited by mido on 02-09-07 05:34 |
![mido_eg3[at]hotmail.com](../fusion_themes/HBH/forum/msn.gif)
|
| Author |
RE: HBH Doesn't like my packet |
deathrape
Member
Posts: 115
Location:
Joined: 19.03.05
Rank: Wiseman |
|
Once again, I don't need and won't use cURL. It doesn't give me the control over my packet content that I want. I'm drafting the packets myself. And, my connection is fine, I'm requesting pages fine, now I just need to write the regex code to finish the challenge, and I'm damned lazy and have a report to finish up today.
Workers of the world, UNITE! You have nothing to lose but your chains!
And the riot be the rhyme of the unheard! |
|
|
Main:
