Follow us on Twitter!
Capitalism is an Island of wealth in a sea of poverty
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 13
Guests Online: 12
Members Online: 1

Registered Members: 82889
Newest Member: Geriztul
Latest Articles
View Thread

HellBound Hackers | Challenges | Timed Challenges

Author

HBH Doesn't like my packet


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-09-07 17:28
THE PACKET I SENT:
POST /challenges/timed/timed2/index.php HTTP/1.1
Host: www.hellboundhackers.org
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)
Content-type: application/x-www-form-urlencoded
Content-length: 9
Set-Cookie: removed

test=test


THE PACKET I RECIEVED
HTTP/1.1 200 OK
Date: Sat, 01 Sep 2007 16:26:27 GMT
Server: Apache/2.0.54 (Fedora)
X-Powered-By: PHP/5.0.4
Set-Cookie: PHPSESSID=31c23ld8eb4ijbbr71dthg1902; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 345
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html>
<head>
<title>Malformed Request</title>
</head>
<body>
<h1>Malformed Request</h1>
<p>Please check that no referer spoofing applications are active and try again.</p>
<hr/>
<address>Apache/2.0.54 (Fedora) Server at www.hellboundhackers.org Port 80</address>
</body>
</html>



What's wrong with the packet I sent?


Author

RE: HBH Doesn't like my packet


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-09-07 17:37
Despite what that error message says, you actually DO need to spoof your referrer to get your submission to work. so use:

Code
curl_opt($yourvar, CURLOPT_REFERER, $yourdata)




and it should return the page.
Author

RE: HBH Doesn't like my packet


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-09-07 17:42
Didn't try timed but I've got similar reply when trying the other
The site is checking if you are logged in
and if referer is from challenge page ( here .../timed2/index.php )
Author

RE: HBH Doesn't like my packet


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-09-07 21:20
rumburak wrote:
Didn't try timed but I've got similar reply when trying the other
The site is checking if you are logged in
and if referer is from challenge page ( here .../timed2/index.php )


I don't think it's checking if I'm logged in: that's not very logical. If it was, it wouldn't give me a 'malformed request' error.

lesserlightsofheaven wrote:
Despite what that error message says, you actually DO need to spoof your referrer to get your submission to work. so use:

Code
curl_opt($yourvar, CURLOPT_REFERER, $yourdata)




and it should return the page.


I'm not using curl. I'm writing the packet manually, then using sockets:
Code

 function makePacket($host, $page, $agent, $cookie, $data)
 {
  #Generate the packet
  $packet  = "POST ".$page." HTTP/1.1\r\n";
  $packet .= "Host: ".$host."\r\n";
  $packet .= "User-Agent: ".$agent."\r\n";
  $packet .= "Content-type: application/x-www-form-urlencoded\r\n";
  $packet .= "Content-length: 0\r\n"; /*strlen($data)*/
  $packet .= "Set-Cookie: ".$cookie."\r\n";
  $packet .= "\r\n";
  $packet .= $data;

  #return packet
  return  $packet;
 }





Sure enough, it's the referrer! That's rather odd, I suppose it has to do with the POST attribute. This packet works just fine:

Code

POST /index.php HTTP/1.1
Host: www.hellboundhackers.org
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)
Referer: http://hellboundhackers.org/forum/viewthread.php
Content-type: application/x-www-form-urlencoded
Content-length: 0
Set-Cookie: REMOVED

test=test








Edited by on 01-09-07 21:20
Author

RE: HBH Doesn't like my packet


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-09-07 21:42
Well, yes you have to login in to access
http://www.hellboundhackers.org/challenges/timed/index.php
but you can access subdirectories without being logged
for referer I use Modify Headers in Firefox

Author

RE: HBH Doesn't like my packet


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-09-07 22:47
rumburak wrote:
Well, yes you have to login in to access
http://www.hellboundhackers.org/challenges/timed/index.php
but you can access subdirectories without being logged
for referer I use Modify Headers in Firefox


Seeing as my PHP script is crafting the packet and not firefox, I doubt a firefox addon would be much help.

And, obviously you have to be logged in. That's why I set to cookie in the packets. I just didn't add the atual cookie there for obvious reasons.


Author

RE: HBH Doesn't like my packet

mido
Member

Your avatar

Posts: 613
Location: Cairo, Egypt
Joined: 27.01.07
Rank:
Monster
Posted on 02-09-07 05:33
For timed 2, as an example :
$header = array();
$header[] = "REFRER: http://hellboundhackers.org/challenges/timed/timed2/index.php";
$header[] = "Cookie: <yourcookiehere>";
ect...etc...
//rest of code
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
//That'd be better than defining the referer in cURL.



www.hellboundhackers.org/sig/r/16019.png



Edited by mido on 02-09-07 05:34
mido_eg3[at]hotmail.com
Author

RE: HBH Doesn't like my packet


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-09-07 14:22
Once again, I don't need and won't use cURL. It doesn't give me the control over my packet content that I want. I'm drafting the packets myself. And, my connection is fine, I'm requesting pages fine, now I just need to write the regex code to finish the challenge, and I'm damned lazy and have a report to finish up today.