I've read both of these threads:

link1

link2

but i still cannot do the challenge on this page

ngsec

here are some things i don't get:

1.

HTTP1.0:
GET /game1/level2/l33t.php?login=admin&password=ngsec HTTP/1.0
Referer: www.hah-hah.com
<enter>
<enter>

HTTP1.1
GET /game1/level2/l33t.php?login=admin&password=ngsec HTTP/1.1
Host: quiz.ngsec.com
Referer: www.hah-hah.com
<enter>
<enter>

here are 2 examples from one of the AO pages. let's say that we forget about the username and password for now.

Is "GET /game1/level2/l33t.php HTTP/1.1 Host: quiz.ngsec.com Referer: www.blabla.com" one line or is that supposed to be seperate lines. Am I missing and spaces or characters.


2. Is name/password really necesary?

3. If this is performed correctly and I can actualy grab the page, will it open in IE or will it be saved on HD.

I tried to use "final spoof" I tried to use telnet. I refered to www.ngsec.com. i refered to quiz.ngsec.com. I don't know what I'm doing wrong. just please point me in right direction. I always get 400 bad request. I'm I just refering to a wrong page. If so than what kind of challange is it if I have to guess.

Pls help me I'm stupid