Welcome to HBH V2 ! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.


synstealth's Avatar
2,490 1

frustrated with this token, Each time I try to access the page, I ether get 405 not allowed or 419 expired - Im using PHP CURL and anyone who successfully did this, can you please help me with some pointers or look at my code and see what the hell is going on ?

Mordak's Avatar
Evil Sorcerer
4,025 17

This is why for V3 we will have the Challenges API to remove this complexity. However for now the I scape the page and pull the CSRF token from the header or the form, both methods will work as its the same token.

rex_mundi's Avatar
☆ Lucifer ☆
3,050 5

Hahah PHP ….. everyones grandads favourite coding language.

rex_mundi's Avatar
☆ Lucifer ☆
3,050 5

With Python to get the token you’d just feed it a regular expression telling it what to look for:

token = re.findall(’[A-Za-z0-9]{40}’, r.text)

Does cURL not just save your token in the Cookiejar ?

Maybe try enabling cookie handling in the cURL request using CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE. if you haven’t already.

Also send me your code if you’re still having problems , and then I can run it on my end and see the problems for myself.