| Author |
Using cURL on HBH. |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
Here's what I have so far, however it still returns a "1" rather then the webpage:
<?php
$url = "http://www.hellboundhackers.org/challenges/timed/timed1/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt($ch, CURLOPT_COOKIE,"PHPSESSID=[Censored]; fusion_visited=TRUE; CFMCOOKIEAE=US; __utma=[Censored]; __utmc=[Censored]; __utmz=[Censored]; __utmb=[Censored]; fusion_user=[Censored]; fusion_lastvisit=1187752313");
$result = curl_exec($ch);
curl_close($ch);
echo $result;
?>
I'm pretty sure I'm capable of parsing out the correct values from the webpage, it's just accessing the page that I'm having trouble with.
Am I sending too many cookie values?
The wrong ones?
Do I have to spoof my referrer as well?
Halp.
=D
Edited by lesserlightsofheaven on 27-08-07 23:29 |
 
|
| Author |
RE: Using cURL on HBH. |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
You need:
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION ,1 );
|
|
|
| Author |
RE: Using cURL on HBH. |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
|
hm, now I'm getting a blank page, I'm still tinkering with some values though. I'll check back in a bit. |
|
|
| Author |
RE: Using cURL on HBH. |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
Well, still no luck, here's something interesting though:
If I remove the "fusion_user" bit of the cookie, the page loads fine, It just says I'm not logged in. Hmmm. It does that with or without the FOLLOWLOCATION option. |
|
|
| Author |
RE: Using cURL on HBH. |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
Peice of advice: Don't use CURLOPT_COOKIE, read up on CURLOPT_HTTPHEADER instead 
|
|
|
| Author |
RE: Using cURL on HBH. |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
Well, I tried putting the cookies into an array and sticking them into the HEADER option, but still no luck.
Once again, if I remove the "fusion_user" part of the cookie, the page loads fine, just not from the perspective of a logged in user.
I'll keep at it.
Is anyone else who's trying it right now having the same problem? |
|
|
| Author |
RE: Using cURL on HBH. |
mido
Member
Posts: 613
Location: Cairo, Egypt
Joined: 27.01.07
Rank: God |
|
I have tried the code you wrote, and it worked for me.
Also, Headers work. |
![mido_eg3[at]hotmail.com](../fusion_themes/HBH/forum/msn.gif)
|
| Author |
RE: Using cURL on HBH. |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
|
Hm, well I just tried it from the command line rather then from within a webpage and it works just fine. Thanks for everyone's help. |
|
|
| Author |
RE: Using cURL on HBH. |
ZvirX
Member
Posts: 101
Location: Class Object
Joined: 03.11.07
Rank: God |
|
|
lesserlightsofheaven wrote:
Hm, well I just tried it from the command line rather then from within a webpage and it works just fine. Thanks for everyone's help.
Hey lesser i'm stuck at the same point as you were it keeps showing me "1"
and it doesn't work when i remove the fusion_user part cookie !!
it works on any other site except hbh !
what do you mean "from a command line" you mean hosting locally like wamp or something ?
i would appreciate it if anyone could help me with this,
Thanks.
|
 
|
| Author |
RE: Using cURL on HBH. |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
|
ZvirX wrote:
Hey lesser i'm stuck at the same point as you were it keeps showing me "1"
and it doesn't work when i remove the fusion_user part cookie !!
it works on any other site except hbh !
what do you mean "from a command line" you mean hosting locally like wamp or something ?
i would appreciate it if anyone could help me with this,
Thanks.
By that I mean running it through the php interpreter, rather then hosted on a web page.
C:\>php yourscblockedript.php
|
|
|
| Author |
RE: Using cURL on HBH. |
ZvirX
Member
Posts: 101
Location: Class Object
Joined: 03.11.07
Rank: God |
|
Thanks, now its working but it keeps returning wrong string i even spoofed the referral and still no luck , what i'm doing wrong !
i'm sure i have decrypted it right and the page isn't processed on the server
whats wrong !
|
|
|
| Author |
RE: Using cURL on HBH. |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
|
ZvirX wrote:
Thanks, now its working but it keeps returning wrong string i even spoofed the referral and still no luck , what i'm doing wrong !
i'm sure i have decrypted it right and the page isn't processed on the server
whats wrong !
I can't help you without code. |
|
|
| Author |
RE: Using cURL on HBH. |
ZvirX
Member
Posts: 101
Location: Class Object
Joined: 03.11.07
Rank: God |
|
Here its the same as everybody i guess :|
<?php
$ch = curl_init("http://www.hellboundhackers.org/challenges/timed/timed1/index.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_COOKIE,"fusion_user=[CENSORED];
PHPSESSID=[CENSORED]");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11)
Gecko/20071127 Firefox/2.0.0.11");
$result = curl_exec($ch);
curl_close($ch);
echo $result;
?>
Edited by ZvirX on 02-12-07 21:08 |
|
|
| Author |
RE: Using cURL on HBH. |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07
Rank: God |
|
ZvirX wrote:
Here its the same as everybody i guess :|
<?php
$ch = curl_init("http://www.hellboundhackers.org/challenges/timed/timed1/index.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_COOKIE,"fusion_user=[CENSORED];
PHPSESSID=[CENSORED]");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11)
Gecko/20071127 Firefox/2.0.0.11");
$result = curl_exec($ch);
curl_close($ch);
echo $result;
?>
Nah that's not nearly the whole code. What you need to do is after getting $result which basically takes the HTML of the page and stores it as a variable, to take the variable, find the encoded string, decode the string, and then use cURL again to do what needs to be done. All that scblockedript is doing is it's getting the HTML of the page you want, storing it as a variable, and you're echoing the variable. I posted this in another thread, donno if it will help much but there's only so much you can say before it's a spoiler:
slpctrl wrote:
Well, I don't wanna post my whole code as that's an instant spoiler, but here's what I was doing wrong:
After the initial cURL to get the page, I decided for some reason to use header( 'Location: http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64=.$var' ) ;
Among other things, until I decided that the best way to tackle it and use the very least time is to use cURL to get the page, like so:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://www.hellboundhackers.org/challenges/timed/timed2/index.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11");
curl_setopt($ch, CURLOPT_COOKIE,"PHPSESSID=censored; fusion_user=censored");
$result = curl_exec($ch);
curl_close($ch);
Then after the page has been processed, use the preg_match_all() function to find each string after "string: ". This information is stored in the $result variable (That's where the HTML of the page that cURL retrieved is). Single the variable out by selecting only one element out of the array like so: $matches[1][0] then it's a simple matter of using the base64_decode() function on $matches[1][0], and then use cURL once more to get the URL
http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64=
and append the variable to the end that you assigned to the base64_decode ($string=base64_decode($matches[1][0]);
It should look very similar to the first cURL sc blockedript, except the URL difference. The new URL option for cURL will look something like this:
curl_setopt($ch1, CURLOPT_URL,"http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64=" . $string);
Hope this helps, and I hope it's not a spoiler. If there are sections that spoil the challenges feel free to remove.
:p |
|
|
| Author |
RE: Using cURL on HBH. |
ZvirX
Member
Posts: 101
Location: Class Object
Joined: 03.11.07
Rank: God |
|
I get what you mean but why do that when i can just do it manually the page isn't processed on the server in both cases thats the point of using cURL ..
plus i'm not that experienced with cURL 
but i believe it should work in both cases no need to be that specific 
if your right, then i do have alot of googling to do lol
|
|
|
| Author |
RE: Using cURL on HBH. |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07
Rank: God |
|
ZvirX wrote:
I get what you mean but why do that when i can just do it manually the page isn't processed on the server in both cases thats the point of using cURL ..
plus i'm not that experienced with cURL
but i believe it should work in both cases no need to be that specific
if your right, then i do have alot of googling to do lol
Lol I thought I could do that too...never worked. In fact, I had to press the F5 button a few times to get the first 2 to work....sometimes I get it within the time frame, sometimes I don't. It's really not too complicated...if you need any help drop me a PM. But really, you know that the 2nd curl is gonna take the decoded string, and add ?b64=$string so you know what the 2nd round of cURL is doing....inbetween those 2 you need to get the string and decode it. |
|
|
| Author |
RE: Using cURL on HBH. |
ZvirX
Member
Posts: 101
Location: Class Object
Joined: 03.11.07
Rank: God |
|
May be some one was viewing the chall while i was decrypting the string lmao
well i'll give it a try .. expect a pm soon hahaha.
Thanks 
|
|
|
Main:
