Page 2 of 2

Re: Scripted HTS Login

PostPosted: Sat Dec 13, 2014 1:28 pm
by WallShadow
Fuck it, this is now a thread for posting login solutions and etc.

Here's the general perl code i use to login:

Code: Select all
use WWW::Mechanize;

my $mech = WWW::Mechanize->new;
$mech->get('https://www.hackthissite.org/');

$mech->form_number(0);
$mech->field('username', 'WallShadow');
$mech->field('password', 'thisisnotmypassword');
$mech->submit();


From there, solving challenges is a breeze, for example, this is my code for solving prog2:

Code: Select all
my $mech = WWW::Mechanize->new;
$mech->get('https://www.hackthissite.org/');

$mech->form_number(0);
$mech->field('username', 'WallShadow');
$mech->field('password', 'thisisnotmypassword');
$mech->submit();

$mech->get('https://www.hackthissite.org/missions/prog/2/');

$mech->get('https://www.hackthissite.org/missions/prog/2/PNG');
dtf($mech->content, 'prog2.png');
my $soul = decipher_morse(decipher_image('prog2.png'));

print "solution: $soul\n";

$mech->back;

$mech->form_number(0);
$mech->field('solution', $soul);
my $res = $mech->click('submitbutton');



print $1, "\n" if $res->decoded_content =~ /(<div class="dark-td">.{1,100})/;
dtf($res->decoded_content);

Re: Scripted HTS Login

PostPosted: Sat Dec 13, 2014 9:13 pm
by tremor77
pretentious wrote:I'm waiting for someone to upload python code so I can pass programming 11 XD


The PHP i posted was what I used to pass 11, should be easy enough to convert for python.

Re: Scripted HTS Login

PostPosted: Sun Dec 14, 2014 9:19 am
by QtDevl
cyberdrain wrote:Wait, you created shell code for logging in? Sure, post away :)


Yup,

Code: Select all
#!/bin/bash
USERNAME=""
PASSWORD=""
SOLUTION=""
wget -q -O http://www.hackthissite.org/user/login --post-data="username=$USERNAME&password=$PASSWORD&btn_submit=Login" --save-cookies=.cookies.txt --keep-session-cookies --referer http://www.hackthissite.org/
wget -q -O - PROG_MISSION_HERE --load-cookies=.cookies.txt --keep-session-cookies --referer http://www.hackthissite.org/missions/programming/ > mission_data.txt

#do stuff with mission_data

wget -q -O - PROG_MISSION_HERE --post-data="solution=$SOLUTION"  --load-cookies=.cookies.txt --keep-session-cookies --referer http://www.hackthissite.org/missions/prog/XX/ > result.txt


For example for prog6, it was easier/faster/whatever for me to read the array data from javascript like this ( grep, cut, done!)
then simply pass it to a java prog that did the processing.

Re: Scripted HTS Login

PostPosted: Sun Dec 14, 2014 6:59 pm
by cyberdrain
Ah, that's a bit different than what I expected. I thought you created custom shell code in assembly for use in a binary exploit, now that would've been cool. Still, it's a nice solution. One question: why don't you pipe the mission data directly into the program you're using to analyze the data?

Re: Scripted HTS Login

PostPosted: Mon Dec 15, 2014 3:28 am
by QtDevl
cyberdrain wrote: I thought you created custom shell code in assembly for use in a binary exploit, now that would've been cool.

Oh god no... binary shell code that I have to inject in a random executable just to login? that makes no sense, I mean it would be cool but it would be just an over complication

cyberdrain wrote:One question: why don't you pipe the mission data directly into the program you're using to analyze the data?


To be honest, with prog 6 I've done the analysis in java because I've already worked with graphical libraries and ocr BUT since java does not like client side scripts that much, you'd have to do the same thing in java as with the shell script ( download page, some regex to get data, process ), I've already had the shell script from another challenge ready so I was just lazy and used that. Prog6 took me 4 days( the longest ) so I just wanted to be over with it.
For most of the other apps I have login both in java and c#.