mIRC Homepage
Posted By: xhine socks POST - 09/07/05 08:06 PM
I'm trying to submit some information into a form on a website and has made a script to do it. I kept trying and trying but kept getting

HTTP/1.1 400 Bad Request.
Your browser sent a request that this server could not understand.
Request header field is missing colon separator.

So, in the end i decided to use "ethereal" - a program that will show you your packets - and used the EXACT "conversation" that went on between the site and my browser. I used that and still get bad request. The only thing i noticed was that the & gets converted into &

anyone have any ideas?
ex:

the form submittion line im sending is

input=yes&type=NotSure&Submit=Submit

when the bad request returns my line, it shows it as
input=yes&type=NotSure&Submit=Submit
Posted By: FiberOPtics Re: socks POST - 09/07/05 08:18 PM
Unless you show us what page it is you are trying to log into, there isn't much we can do.

Are you sending the correct content length? And using POST in the correct way? Does your data posted contain all form fields?

Just give me the link of what you're trying to access...
Posted By: xhine Re: socks POST - 09/07/05 08:34 PM
http://www.securitystats.com/tools/hashcrack.php

Code:
 
  .sockwrite -n $sockname POST /tools/hashcrack.php HTTP/1.1
  .sockwrite -n $sockname Accept: */*
  .sockwrite -n $sockname Referer: http://www.securitystats.com/tools/hashcrack.php
  .sockwrite -n $sockname Accept-Language: en-us 
  .sockwrite -n $sockname Content-Type: application/x-www-form-urlencoded 
  .sockwrite -n $sockname Accept-Encoding: gzip, deflate 
  .sockwrite -n $sockname User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; (R1 1.5)) 
  .sockwrite -n $sockname Host: www.securitystats.com 
  .sockwrite -n $sockname Content-Length: 69
  .sockwrite -n $sockname Connection: Keep-Alive 
  .sockwrite -n $sockname Cache-Control: no-cache  
  .sockwrite -n $sockname inputhash= $+ %secsx.pw $+ &type=NotSure&Submit=Submit
  .sockwrite -n $sockname 

 

and that's the script.
it's jsut supposed to be a simple hash check command for a channel. i don't know why it doesnt work

%secsx.pw = the hash
you can use 5D41402ABC4B2A76B9719D911017C592 which comes out to "hello"
Posted By: FiberOPtics Re: socks POST - 09/07/05 09:52 PM
I've whipped you up an example script.

; Usage: /hashcrack

Code:
alias hashcrack {
  if $sock(hashcrk) { sockclose hashcrk }
  var %types = SHA1 MD4 MD5 LANMAN NT NotSure
  set %hcr.hash $$input(Enter a hash,eo)
  set %hcr.type $$input(Enter a type (case-sensitive): %types,eo)
  if !$istokcs(%types,%hcr.type,32) {
    echo -ac info * /hashcrk: Inccorect type specified. Possible: %types
    return
  }
  sockopen hashcrk securitystats.com 80
  sockmark hashcrk $+(inputhash=,%hcr.hash,&type=,%hcr.type,&Submit=Submit)
}
 [color:red]  [/color] 
on *:sockopen:hashcrk:{
  if $sockerr { echo -ac info * /hashcrk: Error opening socket | return }
  var %s = sockwrite -n $sockname, %data = $sock(hashcrk).mark
  %s POST /tools/hashcrack.php HTTP/1.1
  %s Referer: http://www.securitystats.com/tools/hashcrack.php
  %s Host: securitystats.com
  %s Content-Type: application/x-www-form-urlencoded
  %s Content-Length: $len(%data)
  %s Connection: Keep-Alive
  %s Cache-Control: no-cache
  %s
  %s %data
}
 [color:red]  [/color] 
on *:sockread:hashcrk:{
  if $sockerr { return }
  var %a
  sockread %a
  while $sockbr {
    if $regex(hcr,%a,/([^>]+) Hash Found!!.+? $+ %hcr.hash = (.*?)</) || *</body>* iswm %a {
      sockclose hashcrk
      if $regml(hcr,1) {
        echo -ac info * /hashcrack: Type: $ifmatch - Value for hash %hcr.hash $+ : $regml(hcr,2)
      }
      else echo -ac info * /hashcrack: no match found for %hcr.hash of type %hcr.type
      unset %hcr.*
      return    
    }
    sockread %a
  }
}
Posted By: xhine Re: socks POST - 09/07/05 10:07 PM
ah ok, thank you
© mIRC Discussion Forums