Timed 1 in Python

Yeah I know it doesn't 'open' it, I'm using urllib2.urlopen() along with Request. Thanks for mentioning that, though. I should've pointed out I was using .urlopen too, sorry.

and Sure, I'll PM you with my code :D

Okay, not sure if you got my PM.

Anyway, after reading your old post on the same subject. I've read through and figured I seem to be having the exact same problem as you (the second one in that thread, not the original one).

Would you be able to give me a hint of what you did?

I had a problem with the cookies. Anyway, I pmed you.

Thanks a lot SwartMumba :D

Helped a lot. :)

Hey, I'm doing the same thing as you (using python) I'm just wondering how you got yourself logged in using urlencode

userpass = {'user_name':'The_Gman',
            'user_pass':'*******',
            'remember_me':'y'}
logininfo = urllib.urlencode(userpass)```
doesn't seem to work.

Also, once you have requested the document, how did you quickly search for the string properly and parse?

Thanks

login_data = urllib.urlencode({'user_name' : 'stdio',
                               'user_pass' : 'mypassword',
                               'login' : 'Login'
                               })

Though doing it this way you have to have a cookie jar set up, and as usual you must still set the headers like user agent and referrer

Yeah I just noticed you didnt have the login set, you need that, and I wouldnt worry about the remember me

The_Gman: It would also help if you used the correct password. ******* does not seem to be your correct password.

I find using urllib2.Request to be the easiest way, the syntax is something like:

Request(<url>,<data>,<headers>)

so you can do this (assume your details are urlencoded in a variable called 'login':

import urllib2
req = urllib2.Request('http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64='+b64val,None,login)

Then just urlopen the request

stdio wrote:

login_data = urllib.urlencode({'user_name' : 'stdio',
                               'user_pass' : 'mypassword',
                               'login' : 'Login'
                               })

Though doing it this way you have to have a cookie jar set up, and as usual you must still set the headers like user agent and referrer

Yeah I just noticed you didnt have the login set, you need that, and I wouldnt worry about the remember me Didn't have the login set? You mean like… set which form I was submitting? I'm not too sure what the header looks like in that case. I also have no idea what I would set as the referrer/user-agent in that case, but i don't know how markupheaders = { 'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)' }

Here's what i have for the login

userpass = {'user_name':'The_Gman',
            'user_pass':'myrealpasswordthistime',
            'remember_me':'y'}
logininfo = urllib.urlencode(userpass)
headers = { 'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)' }
request = urllib2.Request("http://www.hellboundhackers.org/index.php", logininfo, headers)
response = urllib2.urlopen(request)
print response.read()```

The_Gman wrote:

markupheaders = { 'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)' }

Here's what i have for the login

userpass = {'user_name':'The_Gman',
            'user_pass':'myrealpasswordthistime',
            'remember_me':'y'}
logininfo = urllib.urlencode(userpass)
headers = { 'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)' }
request = urllib2.Request("http://www.hellboundhackers.org/index.php", logininfo, headers)
response = urllib2.urlopen(request)
print response.read()```


Now let me again correct your login script

```markup
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
opener.addheaders.append(('User-agent', 'Mozilla/4.0'))
opener.addheaders.append( ('Referer', 'http://www.hellboundhackers.org/index.php') )

login_data = urllib.urlencode({'user_name' : 'stdio',
                                           'user_pass' : 'password',
                                           'login' : 'Login'
                                        })

resp = opener.open('http://www.hellboundhackers.org/index.php', login_data)
resp.close()

Understand?

Edit: Smileys really need to be disabled between code tags :(

Or if you wanted to do it the leet way: http://leeturl.net/qxd B)

You could use that script to complete the challenges. There is an example of a GET, POST request, and quick string parsing. The first request is a POST request which basically 'logs you in.' The second request is just a GET request to get the index.php of HBH, to show that you are logged in.

To test the script, just change the user name and password to yours. Make sure to encode the proper chars, if there are any.

I actually like that code a lot SwartMumba

SwartMumba wrote: the leet way: http://leeturl.net/qxd B)

Very nice, good sir. Tips hat B).

SwartMumba wrote: Or if you wanted to do it the leet way: http://leeturl.net/qxd B)

Impressive, why dont you submit that to the code bank?

stdio wrote: [quote]The_Gman wrote:

markupheaders = { 'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)' }

Here's what i have for the login

userpass = {'user_name':'The_Gman',
            'user_pass':'myrealpasswordthistime',
            'remember_me':'y'}
logininfo = urllib.urlencode(userpass)
headers = { 'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)' }
request = urllib2.Request("http://www.hellboundhackers.org/index.php", logininfo, headers)
response = urllib2.urlopen(request)
print response.read()```


Now let me again correct your login script

```markup
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
opener.addheaders.append(('User-agent', 'Mozilla/4.0'))
opener.addheaders.append( ('Referer', 'http://www.hellboundhackers.org/index.php') )

login_data = urllib.urlencode({'user_name' : 'stdio',
                                           'user_pass' : 'password',
                                           'login' : 'Login'
                                        })

resp = opener.open('http://www.hellboundhackers.org/index.php', login_data)
resp.close()

Understand?

Edit: Smileys really need to be disabled between code tags :( [/quote] kk I'll try that, thanks for the help

SwartMumba wrote: Or if you wanted to do it the leet way: http://leeturl.net/qxd B)

You could use that script to complete the challenges. There is an example of a GET, POST request, and quick string parsing. The first request is a POST request which basically 'logs you in.' The second request is just a GET request to get the index.php of HBH, to show that you are logged in.

To test the script, just change the user name and password to yours. Make sure to encode the proper chars, if there are any. That code is really nice and clean. I had to program a proxy in c and had to hand build some headers like that. That said, I've done it, I just want to become more familiar with urllib2. I'm making a little application that can be used for (hopefully) all the timed challenges.

Hm, it should work, but I'm getting 'Wrong string, try again!'. I'm guessing it's a speed issue though, because i think my re is good. I sent the code to one stdio because I obviously can't just post it here though.

How does the re look?

code = re.findall('[A-Za-z0-9]+\=\=', html)[0] decoded = base64.b64decode(code)

Holy multipost..

stdio, you inbox was full I realized my problem. I was passing the decoded string as an argument and not feeding the token in the first string argument (", string vs " % string)

Now i get the too slow error :D I'll try it at work or something.

My script is too slow too… :) btw to easily input cookies into the request, use req.add_header("Cookie", "your cookies here"), it is much simplier than your way :0

i used cookielib, opener, urlencode, and user-agent & referer headers still get YOU MUST BE LOGGED IN TO PLAY! (no login) Basicly i copy and paste the posted code and change user & pass.

If you cant figure it out, feel free to pm me your entire code, and I can look over and make suggestions on it

@ro9 - What the hell? Why did you revive another old thread for the same question you already asked?

would anyone be willing to take a look at my code for this? I have been learning python recently, and wanted to try my hand at the timed challenges. I believe my code works (i based it off of one of the articles here), but i know it takes too long (avg time is 2.5 sec). I am also not sure my request at the end is formatted properly. An extra set of eyes to offer some suggestions how to optimize what I'm doing would be very appreciated.