Follow us on Twitter!
Never in the field of human conflict was so much owed by so many to so few. - Winston Churchill
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 27
Guests Online: 24
Members Online: 3

Registered Members: 82905
Newest Member: BLckLIght
Latest Articles
View Thread

HellBound Hackers | Challenges | Timed Challenges

Author

Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-08-07 23:28
Here's what I have so far, however it still returns a "1" rather then the webpage:

Code
<?php

$url = "http://www.hellboundhackers.org/challenges/timed/timed1/index.php";

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt($ch, CURLOPT_COOKIE,"PHPSESSID=[Censored]; fusion_visited=TRUE; CFMCOOKIEAE=US; __utma=[Censored]; __utmc=[Censored]; __utmz=[Censored]; __utmb=[Censored]; fusion_user=[Censored]; fusion_lastvisit=1187752313");

$result = curl_exec($ch);
curl_close($ch);
echo $result;

?>




I'm pretty sure I'm capable of parsing out the correct values from the webpage, it's just accessing the page that I'm having trouble with.

Am I sending too many cookie values?
The wrong ones?
Do I have to spoof my referrer as well?
Halp.
=D

Edited by on 27-08-07 23:29
Author

RE: Using cURL on HBH.

SySTeM
Member

Your avatar

Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank:
HBH Guru
Posted on 28-08-07 00:06
You need:
Code

curl_setopt( $ch, CURLOPT_FOLLOWLOCATION ,1 );






img138.imageshack.us/img138/6527/sig2ak1.jpg
www.hellboundhackers.org/sig/r/2783.png

http://www.elites0ft.com/
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-08-07 00:45
hm, now I'm getting a blank page, I'm still tinkering with some values though. I'll check back in a bit.
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-08-07 00:56
Well, still no luck, here's something interesting though:

If I remove the "fusion_user" bit of the cookie, the page loads fine, It just says I'm not logged in. Hmmm. It does that with or without the FOLLOWLOCATION option.
Author

RE: Using cURL on HBH.

SySTeM
Member

Your avatar

Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank:
HBH Guru
Posted on 28-08-07 01:52
Peice of advice: Don't use CURLOPT_COOKIE, read up on CURLOPT_HTTPHEADER instead Wink


img138.imageshack.us/img138/6527/sig2ak1.jpg
www.hellboundhackers.org/sig/r/2783.png

http://www.elites0ft.com/
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-08-07 16:09
Well, I tried putting the cookies into an array and sticking them into the HEADER option, but still no luck.

Once again, if I remove the "fusion_user" part of the cookie, the page loads fine, just not from the perspective of a logged in user.

I'll keep at it.
Is anyone else who's trying it right now having the same problem?
Author

RE: Using cURL on HBH.

mido
Member

Your avatar

Posts: 613
Location: Cairo, Egypt
Joined: 27.01.07
Rank:
Monster
Posted on 28-08-07 16:13
I have tried the code you wrote, and it worked for me.
Also, Headers work.
mido_eg3[at]hotmail.com
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-08-07 16:36
Hm, well I just tried it from the command line rather then from within a webpage and it works just fine. Thanks for everyone's help.
Author

RE: Using cURL on HBH.

ZvirX
Member

Your avatar

Posts: 101
Location: Class Object
Joined: 03.11.07
Rank:
Newbie
Posted on 02-12-07 15:33
lesserlightsofheaven wrote:
Hm, well I just tried it from the command line rather then from within a webpage and it works just fine. Thanks for everyone's help.


Hey lesser i'm stuck at the same point as you were it keeps showing me "1"

and it doesn't work when i remove the fusion_user part cookie !!

it works on any other site except hbh !

what do you mean "from a command line" you mean hosting locally like wamp or something ?

i would appreciate it if anyone could help me with this,

Thanks.


n0Ne n0Ne n0Ne
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-12-07 17:23
ZvirX wrote:
Hey lesser i'm stuck at the same point as you were it keeps showing me "1"

and it doesn't work when i remove the fusion_user part cookie !!

it works on any other site except hbh !

what do you mean "from a command line" you mean hosting locally like wamp or something ?

i would appreciate it if anyone could help me with this,

Thanks.


By that I mean running it through the php interpreter, rather then hosted on a web page.

Code

C:\>php yourscript.php



Author

RE: Using cURL on HBH.

ZvirX
Member

Your avatar

Posts: 101
Location: Class Object
Joined: 03.11.07
Rank:
Newbie
Posted on 02-12-07 20:45
Thanks, now its working but it keeps returning wrong string i even spoofed the referral and still no luck , what i'm doing wrong !

i'm sure i have decrypted it right and the page isn't processed on the server

whats wrong !


n0Ne n0Ne n0Ne
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-12-07 20:47
ZvirX wrote:
Thanks, now its working but it keeps returning wrong string i even spoofed the referral and still no luck , what i'm doing wrong !

i'm sure i have decrypted it right and the page isn't processed on the server

whats wrong !


I can't help you without code.
Author

RE: Using cURL on HBH.

ZvirX
Member

Your avatar

Posts: 101
Location: Class Object
Joined: 03.11.07
Rank:
Newbie
Posted on 02-12-07 21:07
Here its the same as everybody i guess :|

Code
<?php

$ch = curl_init("http://www.hellboundhackers.org/challenges/timed/timed1/index.php");

curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);

curl_setopt($ch, CURLOPT_VERBOSE, 1);

curl_setopt($ch, CURLOPT_COOKIE,"fusion_user=[CENSORED];

PHPSESSID=[CENSORED]");

curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11)

Gecko/20071127 Firefox/2.0.0.11");


$result = curl_exec($ch);

curl_close($ch);

echo $result;

?>







Edited by ZvirX on 02-12-07 21:08
n0Ne n0Ne n0Ne
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-12-07 21:18
ZvirX wrote:
Here its the same as everybody i guess :|

Code
<?php

$ch = curl_init("http://www.hellboundhackers.org/challenges/timed/timed1/index.php");

curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);

curl_setopt($ch, CURLOPT_VERBOSE, 1);

curl_setopt($ch, CURLOPT_COOKIE,"fusion_user=[CENSORED];

PHPSESSID=[CENSORED]");

curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11)

Gecko/20071127 Firefox/2.0.0.11");


$result = curl_exec($ch);

curl_close($ch);

echo $result;

?>




Nah that's not nearly the whole code. What you need to do is after getting $result which basically takes the HTML of the page and stores it as a variable, to take the variable, find the encoded string, decode the string, and then use cURL again to do what needs to be done. All that script is doing is it's getting the HTML of the page you want, storing it as a variable, and you're echoing the variable. I posted this in another thread, donno if it will help much but there's only so much you can say before it's a spoiler:

slpctrl wrote:


Well, I don't wanna post my whole code as that's an instant spoiler, but here's what I was doing wrong:


After the initial cURL to get the page, I decided for some reason to use header( 'Location: http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64=.$var' ) ;

Among other things, until I decided that the best way to tackle it and use the very least time is to use cURL to get the page, like so:

Code

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://www.hellboundhackers.org/challenges/timed/timed2/index.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11");
curl_setopt($ch, CURLOPT_COOKIE,"PHPSESSID=censored; fusion_user=censored");
$result = curl_exec($ch);
curl_close($ch);





Then after the page has been processed, use the preg_match_all() function to find each string after "string: ". This information is stored in the $result variable (That's where the HTML of the page that cURL retrieved is). Single the variable out by selecting only one element out of the array like so: $matches[1][0] then it's a simple matter of using the base64_decode() function on $matches[1][0], and then use cURL once more to get the URL

http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64=

and append the variable to the end that you assigned to the base64_decode ($string=base64_decode($matches[1][0]);
It should look very similar to the first cURL script, except the URL difference. The new URL option for cURL will look something like this:

curl_setopt($ch1, CURLOPT_URL,"http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64=" . $string);

Hope this helps, and I hope it's not a spoiler. If there are sections that spoil the challenges feel free to remove.


:p
Author

RE: Using cURL on HBH.

ZvirX
Member

Your avatar

Posts: 101
Location: Class Object
Joined: 03.11.07
Rank:
Newbie
Posted on 02-12-07 21:28
I get what you mean but why do that when i can just do it manually the page isn't processed on the server in both cases thats the point of using cURL ..

plus i'm not that experienced with cURL Grin

but i believe it should work in both cases no need to be that specific Pfft

if your right, then i do have alot of googling to do Grin lol


n0Ne n0Ne n0Ne
Author

RE: Using cURL on HBH.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-12-07 21:37
ZvirX wrote:
I get what you mean but why do that when i can just do it manually the page isn't processed on the server in both cases thats the point of using cURL ..

plus i'm not that experienced with cURL Grin

but i believe it should work in both cases no need to be that specific Pfft

if your right, then i do have alot of googling to do Grin lol


Lol I thought I could do that too...never worked. In fact, I had to press the F5 button a few times to get the first 2 to work....sometimes I get it within the time frame, sometimes I don't. It's really not too complicated...if you need any help drop me a PM. But really, you know that the 2nd curl is gonna take the decoded string, and add ?b64=$string so you know what the 2nd round of cURL is doing....inbetween those 2 you need to get the string and decode it.
Author

RE: Using cURL on HBH.

ZvirX
Member

Your avatar

Posts: 101
Location: Class Object
Joined: 03.11.07
Rank:
Newbie
Posted on 02-12-07 21:46
May be some one was viewing the chall while i was decrypting the string lmao

well i'll give it a try .. expect a pm soon hahaha.

Thanks B)


n0Ne n0Ne n0Ne