C# Site login
Hey guys, i have a quick question.
I do a lot of programming and i want to do the timed challenges here in c# or C++. The challenge part is easy i just cant seem to login to HBH. Here's my C# code that refuses to retrieve the source for me.
HttpWebRequest webR = (HttpWebRequest)WebRequest.Create("http://www.hellboundhackers.org");
webR.CookieContainer = cooks;
webR.Method = "Post";
// tried both get and post methods.
HttpWebResponse webRs = (HttpWebResponse) webR.GetResponse();
System.IO.StreamReader str = new System.IO.StreamReader( webRs.GetResponseStream());```
Ive tried almost everything i can think of. i assume i am supposed to post the login info some how but i am not familiar with webRequests.
Thanks in advance :D
sk8more272 wrote: Now thats what i would have thought, like i said that theory works with the webBrowser but not the webRequest or webClient, and the browser is way to slow. i guess its just because c# isnt made for this sort of thing. it does register the cookies and read the source, it just says i need to log in.
It should work… Ah well, you're probably better off doing this with perl/python, or, if you are well-versed in PHP, cURL.
spyware wrote: It should work… Ah well, you're probably better off doing this with perl/python Ooooor, he could keep working on this in C# or maybe C++ as he previously suggested and learn something. At least if he's doing these particular challenges to learn something new within his language of choice. That'd be cool methinks.
spyware wrote: , or, if you are well-versed in PHP, cURL. Or, without cURL.
spyware wrote: Raw sockets?
I agree that solving the problems in C# is more rewarding. OP might benefit from a small detour to a different language in which he/she can complete the challenge before continuing to debug the C# code. Well, PHP has a simple thing called fsockopen which is perfect for these things. I'm just sick of hearing cURL being pushed in there every single time when there are other, built-in, easy options which will probably produce way less code for something this simple. Plus that given the error the OP is doing (from what I can tell) he's got no idea of how the protocol works underneath and will continue making the exact same mistakes with cURL as well. Proof for this is the comment about trying both GET and POST methods. If he'd switch just like that he would probably have to learn HTTP basics, which would actually be my suggestion either way.
COM wrote: Plus that given the error the OP is doing (from what I can tell) he's got no idea of how the protocol works underneath and will continue making the exact same mistakes with cURL as well. Proof for this is the comment about trying both GET and POST methods. If he'd switch just like that he would probably have to learn HTTP basics, which would actually be my suggestion either way.
Exactly, i know the programming side of this, just not the networking side. i can do this in php but i want a challenge and would like to try it in c#. i know the data needs to be posted, i just dont know what data or format. i can write the data to the webRequest stream but i have no clue how it works or what it needs to log me in. i just figured passing the cookies was enough.
sk8more272 wrote: Exactly, i know the programming side of this I kinda have my doubts about that… but who knows, hopefully I'm wrong with them.
sk8more272 wrote: , just not the networking side. i can do this in php but i want a challenge and would like to try it in c#. i know the data needs to be posted, i just dont know what data or format. i can write the data to the webRequest stream but i have no clue how it works or what it needs to log me in. i just figured passing the cookies was enough.
Christ, man, here: http://www.jmarshall.com/easy/http/ read up!
COM wrote: [quote]sk8more272 wrote: I kinda have my doubts about that… but who knows, hopefully I'm wrong with them.
Thanks man, but have your doubts, im not here to impress. i got 2 done within minutes with php, i just wanted to learn something with c#. just because im new doesn't mean im a total skiddie. but honestly thanks a lot for your help :]
sk8more272 wrote: Thanks man, but have your doubts, im not here to impress. Yes you are, it's in the hbh rules that you had to accept when you signed up.
i got 2 done within minutes with php And since you are not here to impress, we'll just pretend you didn't write that :)
i just wanted to learn something with c#. just because im new doesn't mean im a total skiddie. but honestly thanks a lot for your help :] Didn't say skiddie, there are plenty of non-skids who can't code for shit, when I say I have doubts that's generally my default disposition due to experience, glad you understand :) Anyhow, since you mentioned C++ up in the first post, I thought you might enjoy this standard link in case you've yet to look through it: http://beej.us/guide/bgnet/ I hope you'll give it a try.
Ok, i finally got it, i read like 30 articles on http shit and found out that i needed to pass the fusion_user cookie as a header, that's it. i tried phpsessid which would have made sense, but no. fusion_user no idea what that is so can somebody explain that? and also why i couldn't just post "user_name=####&user_pass=#####"? and really thanks for the help :]
sk8more272 wrote: Ok, i finally got it, i read like 30 articles on http shit and found out that i needed to pass the fusion_user cookie as a header, that's it. i tried phpsessid which would have made sense, but no. fusion_user no idea what that is so can somebody explain that? and also why i couldn't just post "user_name=####&user_pass=#####"? and really thanks for the help :]
you need to post the cookies of your active session, yeah. You could've logged in via C# too, you'd need to save the cookies in a cookiejar though.
ok i have another problem, go figure. for example, timed mission 3, i think thats where you crack the MD5 hash. i send a request with my cookie header, i get a response and read the html, i parse it and get the hash and then crack it. now i cant figure out how to post it back. i need to enter the answer in a textbox, but i cant since its just a response with the html. ok thats fine but it posts the answer to "/index.php?check" but in order to post that back i need to open a new web request because i cant write to the same one. but if i open a new request it basically just gets another page thus a new hash and then its the same problem. Is there a way to post back without a new httpWebRequest? i dont think i can use the responseStream to post back more data and i cant write to the request after i get the response so im lost. i know ive been difficult but you guys have all been extremely helpful and i thank you, but i truly have never done anything this involved with http in any language so can somebody please explain how i could accomplish posting back the answer? if needed i can pm or post my code. any help would be GREATLY appreciated, i just want to learn :] and trust me ive tried google :/ Thanks in advance (again)
<edit> I also was not using the PHPSESSID cookie, just fusion_user but i added both to the header and tried it again but still no go.
sk8more272 wrote: ok i have another problem, go figure. for example, timed mission 3, i think thats where you crack the MD5 hash. i send a request with my cookie header, i get a response and read the html, i parse it and get the hash and then crack it. now i cant figure out how to post it back. i need to enter the answer in a textbox, but i cant since its just a response with the html. ok thats fine but it posts the answer to "/index.php?check" but in order to post that back i need to open a new web request because i cant write to the same one. but if i open a new request it basically just gets another page thus a new hash and then its the same problem. Is there a way to post back without a new httpWebRequest? i dont think i can use the responseStream to post back more data and i cant write to the request after i get the response so im lost. i know ive been difficult but you guys have all been extremely helpful and i thank you, but i truly have never done anything this involved with http in any language so can somebody please explain how i could accomplish posting back the answer? if needed i can pm or post my code. any help would be GREATLY appreciated, i just want to learn :] and trust me ive tried google :/ Thanks in advance (again)
<edit> I also was not using the PHPSESSID cookie, just fusion_user but i added both to the header and tried it again but still no go.
Well, you obviously still don't understand how these things work even though you proposedly have experience now with both http and php. So honestly I'd like to help, but I don't know how to really because I don't know where to begin. If you're lucky, empirical observation will enlighten you so here's a crazy-ass idea: actually open up a new web request and post it back to the same page. You should know, these aren't apps that fuse together into one big superapp that has nothing to do with another one. These are separate programs working out of ifs, elses and reminders made of ID, you have those cookies for a reason.
I really don't have "experience" as this is my first time doing anything like this. i have learned a lot so far thanks to you guys, and that's all i'm looking for, not mission points. But i've tried making a new webRequest opened to the same page, but then its just like reloading the original page which generates a new hash/equation and the answer i got from the response is then wrong, i THINK, but it may be the fact i don't know exactly what format to post the answer in.
But can you at least tell me the format to post the data and WHY? Like in timed #8 for example, it says post back the answer, where ans = a. so, does that mean to post back "-541", "ans = -541","-541 = a" or "a = -541" (assuming -541 is my answer) to "http://www.hellboundhackers.org/challenges/timed/timed8/index.php"?
i know it may seem like i'm a lost cause, but i really do have a pretty good background with programming believe it or not, which is why i guess im so caught up in getting this to work. i absolutely HATE when i have a task that i CANT accomplish. and until now that hasn't happened. Thank you all so much, sorry for the annoyance.
How you managed to learn some PHP without learning of $_GET and $_POST, or if you did then how you managed to read about HTTP as well as that and not put two and two together, is beyond me. But, if it says "where ans =" then you probably will need the ans and the equals sign. Protip: there are no spaces… ever. You know, that link about HTTP I gave before actually has a neat little section about the POST method. I'm not handing out links because it gives me physical pleasure, you know.
Well COM and Spyware thank you for everything i finally got it, i switched to a webClient and tried posting "ans=###" with uploadString but that diddnt work. i then used uploadValues with a NameValueCollection that contained the name "ans" and the value as my answer and it worked, i just don't know why the uploadString wouldn't work but that did :/ but thanks alot and im going to go research the uploadValues method. :]
is a compiled language that much better than c#? i've been reading some c++ books but have not yet had the chance to put my knowledge to use. So far i only know VB,C#,Actionscript(i know),java and some php. What language would you guys recommend to migrate to? i'm leaning more towards c++ just to get away from the shitty .net languages, and i don't want to make my primary language a high-level like java :/
Your CookieContainer initialization lacks a proper constructor, but you already know that.
These might help:
http://en.csharp-online.net/HTTP_Post
http://en.csharp-online.net/CSharp_FAQ:_What_is_the_easiest_way_to_fetch_a_Web_page_in_.NET