name:
pass:
Challenge #1
Challenge #2
Challenge #3
Challenge #4
Challenge #5
Challenge #6
      
"); }else{ $complete01 = 0; $complete02 = 0; $complete03 = 0; $complete04 = 0; $complete05 = 0; $complete06 = 0; $cookie=tempnam('',''); // Login $url = 'http://www.hellboundhackers.org/index.php'; $post = "user_name=".$_REQUEST['user']."&user_pass=".$_REQUEST['pass']."&remember_me=y&login=Login"; fetch($url,$post,$cookie); $url = 'http://www.hellboundhackers.org/edit_profile.php'; $loggedin = fetch($url,false,$cookie); if(strpos($loggedin, "Members only") !== false){ echo "Incorrect Username or Password
"; exit; } //Challenge 1 while($complete01 == 0 && $_REQUEST['ChallBox1'] == "true"){ $url = 'http://www.hellboundhackers.org/challenges/timed/timed1/index.php'; $chall1 = fetch($url,false,$cookie); $explode = explode("string: ", $chall1); $string = explode(" and answer",$explode[1]); $string[0] = base64_decode($string[0]); $url = 'http://www.hellboundhackers.org/challenges/timed/timed1/index.php?b64='.$string[0]; $chall1 = fetch($url,false,$cookie); if ((strlen(strstr($chall1,"Congrats!"))>0)||(strlen(strstr($chall1,"You already beat this"))>0)) { echo "Challenge 01 complete
"; $complete01 = 1; }else{ echo "Challenge 01 fail...
"; } } //Challenge 2 while($complete02 == 0 && $_REQUEST['ChallBox2'] == "true"){ $result = 0; $url = 'http://www.hellboundhackers.org/challenges/timed/timed2/index.php'; $chall2 = fetch($url,false,$cookie); $explode = explode("string is: ", $chall2); $string = explode("

",$explode[1]); $str = $string[0]; for($i=0;$i <= strlen($str); $i++){ if(is_numeric($str{$i})){ $result = $result + $str{$i}; } } $url = 'http://www.hellboundhackers.org/challenges/timed/timed2/index.php?check'; $post = "ans=".$result; $chall2 = fetch($url,$post,$cookie); if ((strlen(strstr($chall2,"Congrats!"))>0)||(strlen(strstr($chall2,"You already beat this"))>0)) { echo "Challenge 02 complete
"; $complete02 = 1; }else{ echo "Challenge 02 fail...
"; } } //Challenge 3 if( $_REQUEST['ChallBox3'] == "true"){ $result = 0; $url = 'http://www.hellboundhackers.org/challenges/timed/timed3/data.txt'; $chall3 = fetch($url,false,$cookie); $plaintext = explode(",", $chall3); for($i=0;$i <= count($plaintext); $i++){ $hashed[$i] = md5($plaintext[$i]); } $url = 'http://www.hellboundhackers.org/challenges/timed/timed3/index.php'; $chall3 = fetch($url,false,$cookie); $pop = explode("string is: ", $chall3); $string = explode("
",$pop[1]); $str = $string[0]; for($i=0;$i <= count($hashed); $i++){ if($str == $hashed[$i]){ $result = $i; break; } } $url = 'http://www.hellboundhackers.org/challenges/timed/timed3/index.php?check'; $post = "ans=".$plaintext[$result]; $chall3 = fetch($url,$post,$cookie); if ((strlen(strstr($chall3,"Congrats!"))>0)||(strlen(strstr($chall3,"You already beat this"))>0)) { echo "Challenge 03 complete
"; }else{ echo "Challenge 03 fail... (have to try again in 5 mins)
"; } } //Challenge 4 $attempt = 0; while($complete04 == 0 && $_REQUEST['ChallBox4'] == "true"){ $url = 'http://www.hellboundhackers.org/challenges/timed/timed4/index.php'; $chall4 = fetch($url,false,$cookie); $explode = explode("word is: ", $chall4); $string = explode("
",$explode[1]); $str = $string[0].$string[0]; $result = $str{0}; for($i=1;$i <= strlen($str); $i++){ if($i & 1){ $result .= $str{$i + 2}; }else{ $result .= $str{$i}; } if($result{$i} == $str{1} && $i > 1){ break; } } $url = 'http://www.hellboundhackers.org/challenges/timed/timed4/index.php?check'; $post = "ans=".$result; $chall4 = fetch($url,$post,$cookie); if ((strlen(strstr($chall4,"Congrats!"))>0)||(strlen(strstr($chall4,"You already beat this"))>0)) { echo "Challenge 04 complete
"; $complete04 = 1; }else{ echo "Challenge 04 fail... OR you've already completed it!
"; if($attempt == 10){ $complete04 = 1; } $attempt++; } } //Challenge 5 while($complete05 == 0 && $_REQUEST['ChallBox5'] == "true"){ $url = 'http://www.hellboundhackers.org/challenges/timed/timed5/index.php'; $chall5 = fetch($url,false,$cookie); $explode = explode("to make ", $chall5); $string = explode("into ",$explode[1]); if($string[0] > 1337){ $string[0] = $string[0] - 1337; $string[0] = "minus_".$string[0]; }else{ $string[0] = 1337 - $string[0]; $string[0] = "plus_".$string[0]; } $url = 'http://www.hellboundhackers.org/challenges/timed/timed5/index.php?password='.$string[0]; $chall5 = fetch($url,false,$cookie); if ((strlen(strstr($chall1,"Congrats!"))>0)||(strlen(strstr($chall5,"You already beat this"))>0)) { echo "Challenge 05 complete
"; $complete05 = 1; }else{ echo "Challenge 05 fail...
"; } } } function fetch($url,$post=false,$cookie=false,$timeout=30) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); if ($cookie) { curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); } if ($post) { curl_setopt($ch, CURLOPT_POSTFIELDS, $post); curl_setopt($ch, CURLOPT_POST, TRUE); } curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); //curl_setopt($ch, CURLOPT_HEADER, TRUE); //debug $output=curl_exec($ch); curl_close($ch); return $output; } ?>