Timed Socket Programming / HTTP Coding Challenge


#1

This is what I have so far as code:

=begin

Timed Challenge #1
[http://www.hellboundhackers.org/challenges/timed/timed1/index.php]

RULE: You have 1 second to retrieve/submit this!
GOAL: 1. Decrypt the following random string: a2UpYDkyYjhyLCRebCFneA==
2. Answer like this:
/challenges/timed/timed/index.php?b64=decryptedString

=end

require ‘net/http’
require ‘socket’
require ‘base64’

The web server

host = ‘www.hellboundhackers.org

Default HTTP port

port = 80

The file we want

path = “/challenges/timed/timed1/index.php”

This is the HTTP request we send to fetch a file

request = “GET #{path} HTTP/1.0\r\n\r\n”

Connect to server

socket = TCPSocket.open(host,port)

Send request

socket.print(request)

Read complete response

response = socket.read

Split response at first blank line into headers and body

headers,body = response.split("\r\n\r\n", 2)
print body

The encryted message to work on

if(body =~ /\w*==/)
encoded = $1;
end

Decryption of Base64 string value

decoded = Base64.decode64(encoded)
pre-answer = ‘/challenges/timed/timed1/index.php?b64=’+decoded
answer = “Get #{pre-answer} HTTP/1.0\r\n\r\n”

Submit the decrypted text to “/challenges/timed/timed1/index.php?b64=”

socket.print(answer)
response = socket.read

Split response at first blank line into headers and body

headers,body = response.split("\r\n\r\n", 2)
print body

I am stuck on using login data before submitting anything. I know how to
do this in PHP’s cURL library, but not with Ruby.

Any help would be greatly appreciated. No spoiler either. I like to work
for the answer. I would not want to ruin it for my brain.


#2

On Sat, Apr 4, 2009 at 11:57 AM, Aware Fish
removed_email_address@domain.invalid wrote:

I am stuck on using login data before submitting anything. I know how to
do this in PHP’s cURL library, but not with Ruby.

Do you mean you need to first log into the site, and then get the
challenge page and submit a response? Take a look at the mechanize
library, it’s meant for stuff like that.

martin