Welcome to HBH V2 ! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.
CSRF TOKEN???!!!!
With Python to get the token you’d just feed it a regular expression telling it what to look for:
token = re.findall(’[A-Za-z0-9]{40}’, r.text)
Does cURL not just save your token in the Cookiejar ?
Maybe try enabling cookie handling in the cURL request using CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE. if you haven’t already.
Also send me your code if you’re still having problems , and then I can run it on my end and see the problems for myself.