Just what I was going to suggest Juridian, Achilles can be found at http://www.mavensecurity.com/html/tools.html
SittingDuck
Printable View
Just what I was going to suggest Juridian, Achilles can be found at http://www.mavensecurity.com/html/tools.html
SittingDuck
The user-agent thing is used to pass what browser you are using, not usernames/passwords, sorry was having a little fun :)
It seems like you are issuing the command correctly...if you need to pass variables, then you need to look at the source HTML code and look at the form elements. You need to know if the form expects the METHOD to be POST or GET. If it is GET, you need to append to the end of the URL with ?var1=value&var2=value2&var3=value3&....varN=valueN. Basically seperate every variable with '&', and look at the FORM INPUT variables to see what the name of the variable is, then set it to what you know it should be, so you would get something like:
GET /game1/level2/l33t.php?username=admin&password=ngsec HTTP/1.0
Referer: www.hah-hah.com
<enter>
<enter>
Since it tells you to use telnet, I am assuming it is probably using the GET method, if it is using POST, I usually just use 'curl' to supply the variables right rather than trying to get it exactly right on the POST line...
If you are still getting bad request, you are probably supplying input that the script is not expecting and the script is erroring out. Make sure the variables are correct, the values are reasonable, and that you have the full pathname/filename correct.
/nebulus
Just one thing this site runs http/1.1 so you need the full domain name ie http://quiz.ngsec.biz for your get requests and referer (it isnt www.hah-hah.com) the example they have given is for http/1.0 Its ok to put this at the end of your get request For more info read the rfc they have given on the page
1.1 is just a little different, you MUST supply the host in the get request (I think this is because of virtual hosts on servers), so your request would only change slightly:
HTTP1.0:
GET /game1/level2/l33t.php?username=admin&password=ngsec HTTP/1.0
Referer: www.hah-hah.com
<enter>
<enter>
HTTP1.1
GET /game1/level2/l33t.php?username=admin&password=ngsec HTTP/1.1
Host: quiz.ngsec.com
Referer: www.hah-hah.com
<enter>
<enter>
/nebulus