Follow us on Twitter!
The measure of a mans life is not how well he dies, but how well he lives.
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 20
Guests Online: 19
Members Online: 1

Registered Members: 82889
Newest Member: Geriztul
Latest Articles
View Thread

HellBound Hackers | HellBound Hackers | Questions

Author

Question pertaining to HBH


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 16-09-11 00:01
What's the purpose for the redirection to the homepage if a link unknown is submitted into the URL? To be honest, it seems like a burden when you're doing the real challenge.


Author

RE: Question pertaining to HBH

Arabian
Banned



Posts: 332
Location: inside you.
Joined: 22.09.10
Rank:
Apprentice
Posted on 17-09-11 01:53
I too think this is a terrible feature.


G'bye y'all! I was an asshole, So korg banned me.
Author

RE: Question pertaining to HBH

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 18-09-11 21:18
Oh, woah.
Is this new?


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: Question pertaining to HBH

Arabian
Banned



Posts: 332
Location: inside you.
Joined: 22.09.10
Rank:
Apprentice
Posted on 18-09-11 21:56
stealth- wrote:
Oh, woah.
Is this new?


Been here since the last server update.


G'bye y'all! I was an asshole, So korg banned me.
Author

RE: Question pertaining to HBH


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 19-09-11 01:18
Yeah, it's pretty annoying. Seems like they could fix it easily though.
Author

RE: Question pertaining to HBH

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 21-09-11 05:40
Z3D4 wrote:
Yeah, it's pretty annoying. Seems like they could fix it easily though.


It sounds like it was supposed to be a 'feature'.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: Question pertaining to HBH


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 19-04-12 19:51
Bumping this thread, been digging through the new urllib module for python 3.x, and redirects will ONLY happen if the Location header is properly formed.

The redirect from HBH is:

Location: ../../../index.php

According to RFC2616 - sec14:


For 3xx responses, the location SHOULD indicate the
server's preferred URI for automatic redirection to the resource. The
field value consists of a single absolute URI.

Location = "Location" ":" absoluteURI

An example is:

Location: http://www.w3.org/pub/WWW/People.html


http://www.ietf.o. . .fc2616.txt

I believe that just correcting the Location header will fix this issue, and also be less headaches for people doing the timed challenges


-elmgiuel
Author

RE: Question pertaining to HBH

elmiguel
Member



Posts: 161
Location: Your Computer
Joined: 12.12.07
Rank:
God
Posted on 19-04-12 20:03
--Sorry if this becomes a double post, search picks up my other post under _elmiguel_ but doesn't show up in the forum thread. So I am reposting under this account, will edit if needed.--

Bumping this thread, been digging around the new urllib module ofr python 3.x and it seems that redirects will ONLY happen if the Location header is properly formed.

This means that when writing programs/scripts in python, you will not be able to be redirected to the new uri.

the current location header now is set to:

Code

Location: ../../../index.php\r\n





According to RFC2616:


For 3xx responses, the location SHOULD indicate the
server's preferred URI for automatic redirection to the resource. The
field value consists of a single absolute URI.

Location = "Location" ":" absoluteURI

An example is:

Location: http://www.w3.org/pub/WWW/People.html


http://www.ietf.o. . .fc2616.txt

I believe this redirect issue can be corrected by adjusting the output of the location header to be absolute and not relative.


-elmiguel


The philosophy of one century is the common sense of the next. -Fortune Cookie

I would like to thank a few friends that I have made here that helped me and deserve to be mentioned:
System_Meltdown, Futility, nvrlivenvrdie, Mastergamer, TrueHacker, S1L3NTKn1GhT, Reelix, ynori7, Demons Halo, kryptor

www.hellboundhackers.org/sig/r/24963.png

www.hellboundhackers.org/sig/hbh2.png
<script>alert('XSS');</script>