Java-Question: Login to HTS

Discuss how to write good code, break bad code, your current pet projects, or the best way to approach novel problems

Java-Question: Login to HTS

Post by HellUser on Mon Nov 12, 2012 6:13 pm
([msg=70791]see Java-Question: Login to HTS[/msg])

hi there ;)

i wonder, if someone can tell me, how to get loged in to hts via java and (eg) download some file?

assumate the app will be a webbrowser, so i'll send something like

GET /index.php HTTP1.0\r\nReferer:http://www.hackthissite.org\r\nAccept-Charset:UTF-8\r\nCookie:[PHPSESSID=session goes here; path=/}



i just want the string to send, cause in some cases sockets will be faster than url-connection etc


and sry 4 my bad english ;)

-- Mon Nov 12, 2012 6:21 pm --

Some democode 4 loging in - the problem: login-failed site will appear

plz take notice of the red color down there - you may enter your pwd ;)

Code: Select all
/**
*   STREETRULEZ
**/
package browser_script;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;

public class browser_script
{
   private String PHPSESSID = "";
   private String LOGIN_URL = "http://www.hackthissite.org/user/login";
   private String REFERER = "http://www.hackthissite.org/";
   private String USERAGENT = "User-Agent=Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13";

   private URL u;
   private URLConnection conn;

   public browser_script()
   {
      doLogin();
   }

   private void sendHeaders(final URLConnection conn)
   {
      conn.addRequestProperty("Referer", REFERER);
      conn.addRequestProperty("User-agent", USERAGENT);
      conn.addRequestProperty("Keep-Alive", "115");
      conn.addRequestProperty("Connection", "keep-alive");
      System.err.println(PHPSESSID);
      if (PHPSESSID.length() > 4) conn.addRequestProperty("Cookie", "PHPSESSID=" + PHPSESSID + "; path=/");
   }

   private void openConn(final String url)
   {
      try
      {
         u = new URL(url);
         conn = u.openConnection();
      }
      catch (MalformedURLException ex)
      {
         ex.printStackTrace();
      }
      catch (IOException ex)
      {
         ex.printStackTrace();
      }
   }

   public String loadPage(final String url)
   {
      String rec = "";
      try
      {
         String tmp = "";
         rec = "";

         openConn(url);
         conn.setDoOutput(true);
         sendHeaders(conn);
         conn.connect();

         BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream()));
         while ((tmp = br.readLine()) != null)
            rec += "\r\n" + tmp;
         br.close();
      }
      catch (IOException ex)
      {
         ex.printStackTrace();
      }
      return rec;
   }

   public void doLogin()
   {
      try
      {
         openConn(LOGIN_URL);
         conn.setDoOutput(true);
         conn.setRequestProperty("Request-Method", "POST");
         sendHeaders(conn);
         conn.connect();

         String data = "username=helluser&password=[color=#FF0000]@Call%20Autoexec.bat[/color]&btn_submit=Login";

         BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(conn.getOutputStream()));
         bw.write(data);
         bw.flush();
         bw.close();
         
         String sid = conn.getHeaderFields().toString();
         System.out.println(sid);
         int start = sid.indexOf("PHPSESSID=") + 10;
         int end = sid.indexOf(';', start);
         this.PHPSESSID = sid.substring(start, end);

         BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream()));

         String line = "";
         while ((line = br.readLine()) != null)
            System.out.println(line);
      }
      catch (MalformedURLException ex)
      {
         ex.printStackTrace();
      }
      catch (UnsupportedEncodingException ex)
      {
         ex.printStackTrace();
      }
      catch (IOException ex)
      {
         ex.printStackTrace();
      }
   }

   public static void main(String args[])
   {
      new browser_script();
   }
}

HellUser
New User
New User
 
Posts: 5
Joined: Mon Nov 12, 2012 5:10 pm
Blog: View Blog (0)


Re: Java-Question: Login to HTS

Post by WallShadow on Mon Nov 12, 2012 6:45 pm
([msg=70793]see Re: Java-Question: Login to HTS[/msg])

First off, welcome to HTS!

Now I recommend that you use HTTP 1.1 instead of 1.0 because almost no servers ever respond with HTTP/1.0 these days.

Second, you must have a "Host:" line in your request or else the server won't know which site you want to get.

now to get a page, this is the minimum of what you have to send:

Code: Select all
GET / HTTP/1.1
Host: www.hackthissite.org




// Make sure there are 2!! exactly 2 spaces after those last line you send, that tells the server that you are done sending info

this will get the root page of the site http://www.hackthissite.org (because there can be several sites all on one IP address or even on one server).



Now if you want to login, I found this to be the minimum amount of information you have to send to HTS servers to login:
Code: Select all
POST http://www.hackthissite.org/user/login HTTP/1.1
Host: www.hackthissite.org
Proxy-Connection: keep-alive
Referer: http://www.hackthissite.org/user/login
Content-Type: application/x-www-form-urlencoded
Content-Length: 56

username=WallShadow&password=Pass&btn_submit=Login




// Make sure there is EXACTLY 1 space before the username thing and then 2 spaces after it.


This will attempt a login to the HTS servers. If it is successful, it will return a "HTTP/1.1 302 Found" message. In the message, it will also send a line with "Set-Cookie:" with the PHPSESSID cookie. you must then send any requests to the page like this:

Code: Select all
GET / HTTP/1.1
Host: www.hackthissite.org
Cookie: PHPSESSID=027jgvlkhsgl1rf1js039c8qo7




this will remind the server of who you are and it will recognize with your unique PHPSESSID.

Again, this is the minimum. Normally, you would send a lot more information to the server, but the it can be lenient because some browsers are over a decade old and barely know of today's standards of communication. Someone out there is probably cursing at me for using the minimum, but I don't care.

And listen, if you really want to get into this stuff, download ZAP attack proxy (https://www.owasp.org/index.php/OWASP_Z ... xy_Project) and just set it to listen in on how your browser requests a login. After that, try sending your own exact duplicate of the request, and then slowly start modifying it one line at a time, see what works best.

- WallShadow <3
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: Java-Question: Login to HTS

Post by HellUser on Mon Nov 12, 2012 7:01 pm
([msg=70794]see Re: Java-Question: Login to HTS[/msg])

thank you 4 that nice post - i think, this will help me and some other people connecting to hts cuz this lines are not only 4 java ;)

as u see my script is parsing the PHPSESS, but there are some bugs i fixed - e.g. the thing with the host, space and... i used urlencode for the username and the password and reade some bit about posting data and header fields ;)





thanks,

problem solved
HellUser
New User
New User
 
Posts: 5
Joined: Mon Nov 12, 2012 5:10 pm
Blog: View Blog (0)


Re: Java-Question: Login to HTS

Post by limdis on Mon Nov 12, 2012 9:23 pm
([msg=70798]see Re: Java-Question: Login to HTS[/msg])

WallShadow, +1
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1357
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: Java-Question: Login to HTS

Post by centip3de on Mon Nov 12, 2012 9:26 pm
([msg=70800]see Re: Java-Question: Login to HTS[/msg])

HellUser wrote:thank you 4 that nice post - i think, this will help me and some other people connecting to hts cuz this lines are not only 4 java ;)

as u see my script is parsing the PHPSESS, but there are some bugs i fixed - e.g. the thing with the host, space and... i used urlencode for the username and the password and reade some bit about posting data and header fields ;)





thanks,

problem solved


Awhile back I actually did something similar in C, which is kinda similar to Java (kinda...), and posted it on the forums here. Even if you don't understand C, I commented every line, so you should be able to follow along anyway.

Here's the source: http://pastebin.com/xnc4hF5F

/selfless plug
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1424
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Re: Java-Question: Login to HTS

Post by HellUser on Wed Nov 14, 2012 9:29 pm
([msg=70868]see Re: Java-Question: Login to HTS[/msg])

thats a nice tutorial for newbies =)
i'm not familiar with c, only languages i know are PHP and JAVA (HTML is no programming language ;) ) but i understand that code =)


i know that there r some java-users reading this and i wanna show you some lines, i've learned to use since i've failed to login with my java-scripts:

the missions with images made me mad and i've read a little bout getting some image from somewhere clicked by the mouse

http://docs.oracle.com/javase/1.4.2/docs/api/java/awt/Toolkit.html

Code: Select all
// get the clipboard from System
Clipboard cb = Toolkit.getDefaultToolkit().getSystemClipboard();

// wait until you copied some picture into your clipboard
while (!cb.isDataFlavorAvailable(DataFlavor.imageFlavor))
{
   Thread.currentThread().sleep(500);
}
// and create a bufferedImage
BufferedImage bi = (BufferedImage) cb.getData(DataFlavor.imageFlavor);


this will help for the most missions ;)

i go to sleep now ;)

have a nice day ^^
HellUser
New User
New User
 
Posts: 5
Joined: Mon Nov 12, 2012 5:10 pm
Blog: View Blog (0)



Return to Programming

Who is online

Users browsing this forum: No registered users and 0 guests