Follow us on Twitter!
Few are those who can see with their own eyes and hear with their own hearts. - Albert Einstein
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 15
Guests Online: 12
Members Online: 3

Registered Members: 82876
Newest Member: bhl1986
Latest Articles
View Thread

HellBound Hackers | Computer General | Programming

Author

PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 04-10-06 04:15
can someone tell me what's wrong with this code?

i'm still very novice with cURL, and not great with PHP either. it's meant to log me into HBH.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>richo's curl page</title>
</head>
<body>
<p>blah blah blah</p>

<?
$url="http://www.hellboundhackers.org/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, "user_name=richohealey&user_pass=**mypass**"Wink;
#curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'Wink;
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$store = curl_exec ($ch);
$content = curl_exec ($ch); # This returns HTML
curl_close ($ch);
echo $content;
?>
</body>
</html>


should my user and pass be in ''


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-10-06 04:38
Assuming the field names are correct, I believe so.
Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 04-10-06 04:42
hmm, i took the field names stright from the index.php source, so they should be right, i've tried with them as user_name='richohealey'&user_pass='password' and without the ' marks.

i'm totally stumped


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-10-06 05:43
Ah, another thing, you need to use the urlencode() function on your variables (Your username and your password).

I personally don't have enough time to look, but check out http://www.higher. . .Servers/2/ and compare the code to yours, and check what's not kosher with it.
Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 05-10-06 00:24
now that i've fixed that, i get a big header, with all the cookie details, and lines that say set-cookie FUsion user etc.. so it's loggin in , and getting the cookie data, but it isn't running that portion. anyone know why?


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 05-10-06 00:32
ok. i have it narrowed down. the header is

HTTP/1.1 302 Found Date: Wed, 04 Oct 2006 23:30:14 GMT Server: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.3 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a X-Powered-By: PHP/4.4.3 Set-Cookie: fusion_visited=TRUE; expires=Thu, 04 Oct 2007 23:30:14 GMT; path=/ Set-Cookie: fusion_user=**my fusion user**; expires=Thu, 05 Oct 2006 02:30:15 GMT; path=/ Location: index.php Transfer-Encoding: chunked Content-Type: text/html HTTP/1.1 200 OK Date: Wed, 04 Oct 2006 23:30:15 GMT Server: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.3 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a X-Powered-By: PHP/4.4.3 Transfer-Encoding: chunked Content-Type: text/html


and the line
curl_setopt($ch, CURLOPT_HEADER, 1);

in the script is what causes it. if i hash it out i get nothing. obvu\iously it is just reading the header, how do i force it to do something with it. is it something about my cookie lines?


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-10-06 00:40
Code
<?php
$params = array();
$params['user_name'] = "WhiteAcid";
$params['user_pass'] = "***";
$params['login'] = "Login";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.hellboundhackers.org/news.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');


$post_result = curl_exec($ch);

if (curl_errno($ch))
{
   echo curl_error($ch);
}
curl_close($ch);
echo $post_result;
?>




That'll work. Wireshark does wonders when debugging curl code. HBH has a really wierd loggin in mechanism where you go to news.php, to index.php and back to news.php. Hence the FOLLOWLOCATION and the COOKIEJAR parts are crucial.

Obviously you can comment out the CURLOPT_RETURNTRANSFER line if you don't care about the reply, in which case CURLOPT_HEADER is also totally pointless.




Edited by on 05-10-06 00:41
Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 05-10-06 00:52
I love you.

i don't even care who you are i want to have your babie, even though i'm a guy.

anyway, i stil get that header at the top. i don't care. thanks heaps.


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-10-06 00:56
To remove the header remove the line:
Code
curl_setopt($ch, CURLOPT_HEADER, true);




And I've been around on the site for a while, just not very active.


Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 05-10-06 01:04
yeah i realised that it got rid of the header at the top, i wan't sure how to make it turn the cokie info in the header in to actual cookeis. thanks heaps guys.


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 05-10-06 01:09
ok.... now i've got more questions.
how do i get it to fing a specific part of a file? i'm doing real11 and can log into HBH, log into firm
get to the backup page.... can i get it to look for the <hr> tags? and what is the change in syntax for get? does it just change to GET_DATA.... etc in place of post?


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 05-10-06 01:18
oh yeah get is when it's something.php?blah=blah.... so now i just need to know how to fish out the number. can i write a foreach() loop, that should divide it intp lines right....


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: PHP cURL


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-10-06 01:33
Sorry... would have replied sooner but this was just too damn funny.

To find an <hr> tag just use strpos($post_results,'<hr>');

To use GET either set
curl_setopt($ch, CURLOPT_POST, true);
to false or remove the line. Also remove the line:
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);


Then (before the curl block) add something like:
Code
//untested
$qs = '?';
foreach ($params as $i => $p)
{
    $qs .= $i . '=' . $p . '&';
}
$qs = substr($qs,0,strlen($qs)-1);




Then change:
curl_setopt($ch, CURLOPT_URL, "http://www.hellboundhackers.org/news.php");
to:
curl_setopt($ch, CURLOPT_URL, "http://www.hellboundhackers.org/news.php".$qs);

As for that last part about fishing out the number? I'm not quite sure what you mean.




Edited by on 05-10-06 01:36
Author

RE: PHP cURL

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 05-10-06 01:39
ha ha i just did it using a whole bunch of concanted $result[strlen($result)-182] . etc.....

crude but it's worked!

so with the the cookiejar and cookiefile tags it should keep track of who i am right... so now i just have to crack the app and write a PHP script to do the same thing and input it. wicked.

thanks heaps, i should be right now. on the other hand i might be back here in 5 mins.


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net