mychris
6 years ago

0

Hi,
i try to resolve this level with a python program, i search with google an example to create a SSL socket but nothing for help me.
Do you know a link for me ?

21replies
6voices
602views
SIGKILL [r4v463]
6 years ago

1

Something like the doc?

Smyler [WHGhost]
6 years ago | edited 4 years ago

0

There are specific python libraries to work with http or https, you don’t need to use sockets.
Have a look at the requests module or at the urllib library.

mychris
6 years ago

0

i try but nothing

import requests

payload = {‘username’: ‘mychris’, ‘password’: ‘mypassword’}

r = requests.get(“https://www.hackthis.co.uk/login”, params=payload)

data = r.content # Content of response

print r.status_code # Status code of response
print r.url
print data

respond :
404
https://www.hackthis.co.uk/login?username=mychris&password=mypassword
Error accessing resource

SIGKILL [r4v463]
6 years ago

3

So the problem is about SSL you think? I would rather say that giving POST parameters in GET is the problem.

mychris
6 years ago

0

same error if i change GET with POST

mychris
6 years ago

0

I do this prog :

import requests

s = requests.Session()
s.auth = (‘mychris’, ‘mypassword’)

r = s.get(“https://www.hackthis.co.uk”)
print r.text

But not connexion, just the page connexion

……

   }  
                    </script>  

                    <form id="login_form" action="?login" method="POST">  
                        <label for="username">Username:</label>  
                        <input type="text" name="username" id="username">  
                        <label for="password">Password:</label>  
                        <input type="password" name="password" id="password">  
                        <a class="white" href="/?request">Forgot details?</a>  
                        <input type="submit" value="Login" class="button">  
                    </form>  

                    <a class='stop-ex  

………

mychris
6 years ago

0

with Post it’s the same thing :-(

SIGKILL [r4v463]
6 years ago

1

To make things clear, you need to make a POST request to the page https://www.hackthis.co.uk?login as you can see in this HTML line : <form id="login_form" action="?login" method="POST">

The parameters need to have the right name i.e. username and password. Those parameters need to be sent via POST.

Reply has been removed
mychris
6 years ago

0

import requests

payload = {‘username’: ‘mychris’, ‘password’: ‘mypassword’}

s = requests.Session()

r = s.post(“https://www.hackthis.co.uk/login”, params=payload)

print r.text
print r.status_code # Status code of response
print r.url

When i do this prog :

Error accessing resource
404
https://www.hackthis.co.uk/login?username=mychris&password=mypassword

if i do with “https://www.hackthis.co.uk” :

page html with formulaire login

i try with POST and GET but same error

SIGKILL [r4v463]
6 years ago

0

Replace
r = s.post("https://www.hackthis.co.uk/login", params=payload)

by

r = s.post("https://www.hackthis.co.uk/login", data=payload)

I’m not sure, but if you have some problems, you can google your problem and take a look on Stack Overflow.

mychris
6 years ago

0

Thank, but allways the same error, and not easy, the most sites i find with “requests” are english, and it’s not my language !!!

mychris
6 years ago

0

Shame on me :s

http://python-requests.org has french section

SIGKILL [r4v463]
6 years ago

1

That’s nice! But you should consider learning english sufficiently to be able to read docs and articles, because often there is no french version, or a bad french version (and that applies for all languages other than english).

Smyler [WHGhost]
6 years ago

0

Your problem doesn’t come from the module you are using, but from the URL you are trying to reach.
The login page is actually the main root page, but with the login get parameter.

So your code should be r = s.post("https://www.hackthis.co.uk/?login", data=payload)
instead of r = s.post("https://www.hackthis.co.uk/login", data=payload)

Such a tiny thing that can make you lose so much time :)

mychris
6 years ago

0

True,
the ? before login was the problem for connect me

Thank you very much !!!!!

Now new defi ,
i must keep the connection (because if i do with “https://www.hackthis.co.uk/levels/coding/1” i see the problem on login) ,

go to https://www.hackthis.co.uk/levels/coding/1

take

Words: but, has, why, when, did, said, and, there, only, what, does, were, that, your, nor, able, either, every, these, into, the, other, she, him, with, our, all, least, likely, how, get, hers, her, about, are, his, twas, ever, who, might, also, got, would, whom, own, yet, then, some, often, while and POST respond in Answer: Time remaining: 0.00 seconds

I will have a big job for resolve this level :p

Smyler [WHGhost]
6 years ago

0

Good luck then, Waiting for your code in the solution section :)

mychris
6 years ago

0

I hope to go in the solution section :-D

i find how keep the connection with request session, now i must take words and post him, an other history :)

lumia_3141
4 years ago

0

Hi, I also used Python for this challenge, it work when I log in and get the text but when I post the answer using the following 2 lines they do not seem to work:

Data = {‘answer’: ans}
res = sess.post(“https://defendtheweb.net/playground/alphabetize”, data=Data)

If anyone would spare some minutes to look at this part of my code I would really appreciate it.
Thank you in advance!

DhiraPT111
4 years ago

0

I solved it using python selenium :)


0

@lumia3141 You need to send the csrf token along with your requests Do some research about what it is, and then you should be able to solve the level.

lumia_3141
4 years ago

0

Thank you so much for your kind answers, I finally manage to solve the level :-)

You must be logged in to reply to this discussion. Login
1 of 22

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss