mIRC Home    About    Download    Register    News    Help

Print Thread
socks POST #124678 09/07/05 08:06 PM
Joined: Jul 2004
Posts: 21
X
xhine Offline OP
Ameglian cow
OP Offline
Ameglian cow
X
Joined: Jul 2004
Posts: 21
I'm trying to submit some information into a form on a website and has made a script to do it. I kept trying and trying but kept getting

HTTP/1.1 400 Bad Request.
Your browser sent a request that this server could not understand.
Request header field is missing colon separator.

So, in the end i decided to use "ethereal" - a program that will show you your packets - and used the EXACT "conversation" that went on between the site and my browser. I used that and still get bad request. The only thing i noticed was that the & gets converted into &

anyone have any ideas?
ex:

the form submittion line im sending is

input=yes&type=NotSure&Submit=Submit

when the bad request returns my line, it shows it as
input=yes&type=NotSure&Submit=Submit

Last edited by xhine; 09/07/05 08:09 PM.
Re: socks POST #124679 09/07/05 08:18 PM
Joined: Feb 2004
Posts: 2,019
FiberOPtics Offline
Hoopy frood
Offline
Hoopy frood
Joined: Feb 2004
Posts: 2,019
Unless you show us what page it is you are trying to log into, there isn't much we can do.

Are you sending the correct content length? And using POST in the correct way? Does your data posted contain all form fields?

Just give me the link of what you're trying to access...


Gone.
Re: socks POST #124680 09/07/05 08:34 PM
Joined: Jul 2004
Posts: 21
X
xhine Offline OP
Ameglian cow
OP Offline
Ameglian cow
X
Joined: Jul 2004
Posts: 21
http://www.securitystats.com/tools/hashcrack.php

Code:
 
  .sockwrite -n $sockname POST /tools/hashcrack.php HTTP/1.1
  .sockwrite -n $sockname Accept: */*
  .sockwrite -n $sockname Referer: http://www.securitystats.com/tools/hashcrack.php
  .sockwrite -n $sockname Accept-Language: en-us 
  .sockwrite -n $sockname Content-Type: application/x-www-form-urlencoded 
  .sockwrite -n $sockname Accept-Encoding: gzip, deflate 
  .sockwrite -n $sockname User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; (R1 1.5)) 
  .sockwrite -n $sockname Host: www.securitystats.com 
  .sockwrite -n $sockname Content-Length: 69
  .sockwrite -n $sockname Connection: Keep-Alive 
  .sockwrite -n $sockname Cache-Control: no-cache  
  .sockwrite -n $sockname inputhash= $+ %secsx.pw $+ &type=NotSure&Submit=Submit
  .sockwrite -n $sockname 

 

and that's the script.
it's jsut supposed to be a simple hash check command for a channel. i don't know why it doesnt work

%secsx.pw = the hash
you can use 5D41402ABC4B2A76B9719D911017C592 which comes out to "hello"

Last edited by xhine; 09/07/05 08:47 PM.
Re: socks POST #124681 09/07/05 09:52 PM
Joined: Feb 2004
Posts: 2,019
FiberOPtics Offline
Hoopy frood
Offline
Hoopy frood
Joined: Feb 2004
Posts: 2,019
I've whipped you up an example script.

; Usage: /hashcrack

Code:
alias hashcrack {
  if $sock(hashcrk) { sockclose hashcrk }
  var %types = SHA1 MD4 MD5 LANMAN NT NotSure
  set %hcr.hash $$input(Enter a hash,eo)
  set %hcr.type $$input(Enter a type (case-sensitive): %types,eo)
  if !$istokcs(%types,%hcr.type,32) {
    echo -ac info * /hashcrk: Inccorect type specified. Possible: %types
    return
  }
  sockopen hashcrk securitystats.com 80
  sockmark hashcrk $+(inputhash=,%hcr.hash,&type=,%hcr.type,&Submit=Submit)
}
 [color:red]  [/color] 
on *:sockopen:hashcrk:{
  if $sockerr { echo -ac info * /hashcrk: Error opening socket | return }
  var %s = sockwrite -n $sockname, %data = $sock(hashcrk).mark
  %s POST /tools/hashcrack.php HTTP/1.1
  %s Referer: http://www.securitystats.com/tools/hashcrack.php
  %s Host: securitystats.com
  %s Content-Type: application/x-www-form-urlencoded
  %s Content-Length: $len(%data)
  %s Connection: Keep-Alive
  %s Cache-Control: no-cache
  %s
  %s %data
}
 [color:red]  [/color] 
on *:sockread:hashcrk:{
  if $sockerr { return }
  var %a
  sockread %a
  while $sockbr {
    if $regex(hcr,%a,/([^>]+) Hash Found!!.+? $+ %hcr.hash = (.*?)</) || *</body>* iswm %a {
      sockclose hashcrk
      if $regml(hcr,1) {
        echo -ac info * /hashcrack: Type: $ifmatch - Value for hash %hcr.hash $+ : $regml(hcr,2)
      }
      else echo -ac info * /hashcrack: no match found for %hcr.hash of type %hcr.type
      unset %hcr.*
      return    
    }
    sockread %a
  }
}


Gone.
Re: socks POST #124682 09/07/05 10:07 PM
Joined: Jul 2004
Posts: 21
X
xhine Offline OP
Ameglian cow
OP Offline
Ameglian cow
X
Joined: Jul 2004
Posts: 21
ah ok, thank you