Java-Question: Login to HTS

hi there

i wonder, if someone can tell me, how to get loged in to hts via java and (eg) download some file?

assumate the app will be a webbrowser, so i'll send something like

GET /index.php HTTP1.0\r\nReferer:http://www.hackthissite.org\r\nAccept-Charset:UTF-8\r\nCookie:[PHPSESSID=session goes here; path=/}

i just want the string to send, cause in some cases sockets will be faster than url-connection etc

and sry 4 my bad english

-- Mon Nov 12, 2012 6:21 pm --

Some democode 4 loging in - the problem: login-failed site will appear

plz take notice of the red color down there - you may enter your pwd

Code: Select all: /** * STREETRULEZ **/ package browser_script; import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.IOException; import java.io.InputStreamReader; import java.io.OutputStreamWriter; import java.io.UnsupportedEncodingException; import java.net.MalformedURLException; import java.net.URL; import java.net.URLConnection; public class browser_script { private String PHPSESSID = ""; private String LOGIN_URL = "http://www.hackthissite.org/user/login"; private String REFERER = "http://www.hackthissite.org/"; private String USERAGENT = "User-Agent=Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13"; private URL u; private URLConnection conn; public browser_script() { doLogin(); } private void sendHeaders(final URLConnection conn) { conn.addRequestProperty("Referer", REFERER); conn.addRequestProperty("User-agent", USERAGENT); conn.addRequestProperty("Keep-Alive", "115"); conn.addRequestProperty("Connection", "keep-alive"); System.err.println(PHPSESSID); if (PHPSESSID.length() > 4) conn.addRequestProperty("Cookie", "PHPSESSID=" + PHPSESSID + "; path=/"); } private void openConn(final String url) { try { u = new URL(url); conn = u.openConnection(); } catch (MalformedURLException ex) { ex.printStackTrace(); } catch (IOException ex) { ex.printStackTrace(); } } public String loadPage(final String url) { String rec = ""; try { String tmp = ""; rec = ""; openConn(url); conn.setDoOutput(true); sendHeaders(conn); conn.connect(); BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); while ((tmp = br.readLine()) != null) rec += "\r\n" + tmp; br.close(); } catch (IOException ex) { ex.printStackTrace(); } return rec; } public void doLogin() { try { openConn(LOGIN_URL); conn.setDoOutput(true); conn.setRequestProperty("Request-Method", "POST"); sendHeaders(conn); conn.connect(); String data = "username=helluser&password=[color=#FF0000]@Call%20Autoexec.bat[/color]&btn_submit=Login"; BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(conn.getOutputStream())); bw.write(data); bw.flush(); bw.close(); String sid = conn.getHeaderFields().toString(); System.out.println(sid); int start = sid.indexOf("PHPSESSID=") + 10; int end = sid.indexOf(';', start); this.PHPSESSID = sid.substring(start, end); BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); String line = ""; while ((line = br.readLine()) != null) System.out.println(line); } catch (MalformedURLException ex) { ex.printStackTrace(); } catch (UnsupportedEncodingException ex) { ex.printStackTrace(); } catch (IOException ex) { ex.printStackTrace(); } } public static void main(String args[]) { new browser_script(); } }

First off, welcome to HTS!

Now I recommend that you use HTTP 1.1 instead of 1.0 because almost no servers ever respond with HTTP/1.0 these days.

Second, you must have a "Host:" line in your request or else the server won't know which site you want to get.

now to get a page, this is the minimum of what you have to send:

Code: Select all: GET / HTTP/1.1 Host: www.hackthissite.org

// Make sure there are 2!! exactly 2 spaces after those last line you send, that tells the server that you are done sending info

this will get the root page of the site http://www.hackthissite.org (because there can be several sites all on one IP address or even on one server).

Now if you want to login, I found this to be the minimum amount of information you have to send to HTS servers to login:

Code: Select all: POST http://www.hackthissite.org/user/login HTTP/1.1 Host: www.hackthissite.org Proxy-Connection: keep-alive Referer: http://www.hackthissite.org/user/login Content-Type: application/x-www-form-urlencoded Content-Length: 56 username=WallShadow&password=Pass&btn_submit=Login

// Make sure there is EXACTLY 1 space before the username thing and then 2 spaces after it.

This will attempt a login to the HTS servers. If it is successful, it will return a "HTTP/1.1 302 Found" message. In the message, it will also send a line with "Set-Cookie:" with the PHPSESSID cookie. you must then send any requests to the page like this:

Code: Select all: GET / HTTP/1.1 Host: www.hackthissite.org Cookie: PHPSESSID=027jgvlkhsgl1rf1js039c8qo7

this will remind the server of who you are and it will recognize with your unique PHPSESSID.

Again, this is the minimum. Normally, you would send a lot more information to the server, but the it can be lenient because some browsers are over a decade old and barely know of today's standards of communication. Someone out there is probably cursing at me for using the minimum, but I don't care.

And listen, if you really want to get into this stuff, download ZAP attack proxy (https://www.owasp.org/index.php/OWASP_Z ... xy_Project) and just set it to listen in on how your browser requests a login. After that, try sending your own exact duplicate of the request, and then slowly start modifying it one line at a time, see what works best.

- WallShadow <3

thank you 4 that nice post - i think, this will help me and some other people connecting to hts cuz this lines are not only 4 java

as u see my script is parsing the PHPSESS, but there are some bugs i fixed - e.g. the thing with the host, space and... i used urlencode for the username and the password and reade some bit about posting data and header fields

thanks,

problem solved

WallShadow, +1

HellUser wrote:thank you 4 that nice post - i think, this will help me and some other people connecting to hts cuz this lines are not only 4 java

as u see my script is parsing the PHPSESS, but there are some bugs i fixed - e.g. the thing with the host, space and... i used urlencode for the username and the password and reade some bit about posting data and header fields

thanks,

problem solved

Awhile back I actually did something similar in C, which is kinda similar to Java (kinda...), and posted it on the forums here. Even if you don't understand C, I commented every line, so you should be able to follow along anyway.

Here's the source: http://pastebin.com/xnc4hF5F

/selfless plug

thats a nice tutorial for newbies =)
i'm not familiar with c, only languages i know are PHP and JAVA (HTML is no programming language

) but i understand that code =)

i know that there r some java-users reading this and i wanna show you some lines, i've learned to use since i've failed to login with my java-scripts:

the missions with images made me mad and i've read a little bout getting some image from somewhere clicked by the mouse

http://docs.oracle.com/javase/1.4.2/docs/api/java/awt/Toolkit.html

Code: Select all: // get the clipboard from System Clipboard cb = Toolkit.getDefaultToolkit().getSystemClipboard(); // wait until you copied some picture into your clipboard while (!cb.isDataFlavorAvailable(DataFlavor.imageFlavor)) { Thread.currentThread().sleep(500); } // and create a bufferedImage BufferedImage bi = (BufferedImage) cb.getData(DataFlavor.imageFlavor);

this will help for the most missions

i go to sleep now

have a nice day ^^

Java-Question: Login to HTS

Java-Question: Login to HTS

Re: Java-Question: Login to HTS

Re: Java-Question: Login to HTS

Re: Java-Question: Login to HTS

Re: Java-Question: Login to HTS

Re: Java-Question: Login to HTS

Who is online