400 Bad Request on API config. Need help

Discussion in 'Cracking Discussions & Help Forum' started by URK, Aug 23, 2015.

  1. URK

    URK Member VIP

    Messages:
    496
    Likes:
    51
    Ratio:
    0.16
    I am having issues with my first api config

    [​IMG]
    [​IMG]
    [​IMG]
    Code:
    Select All
    <---------------------------------------------------------------------------------- Site: https://apps.avianca.com/wcfLifeMilesMobileFE/api/members/SessionsServices.svc/LoginMW Debug of BOT 1 Combo: [email protected]:marujita80 Direct Connection ---------------------------------------------------------------------------------- <-----Bot Status: Launching Debug Socket-----> <-----Sent Headers-----> GET /wcfLifeMilesMobileFE/api/members/SessionsServices.svc/LoginMW HTTP/1.0 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: apps.avianca.com Pragma: no-cache Connection: keep-alive <-----Received Headers-----> HTTP/1.1 405 Method Not Allowed Allow: POST Content-Length: 1565 Content-Type: text/html; charset=UTF-8 Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sun, 23 Aug 2015 01:31:20 GMT Connection: keep-alive <-----Received Source-----> <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Service</title> <style>BODY { color: #dddddd; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; } #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; } A:link { color: #336699; font-weight: bold; text-decoration: underline; } A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; } A:active { color: #336699; font-weight: bold; text-decoration: underline; } .heading1 { background-color: #003366; border-bottom: #336699 6px solid; color: #dddddd; font-family: Tahoma; font-size: 26px; font-weight: normal;margin: 0em 0em 10px -20px; padding-bottom: 8px; padding-left: 30px;padding-top: 16px;} pre { font-size:small; background-color: #e5e5cc; padding: 5px; font-family: Courier New; margin-top: 0px; border: 1px #f0f0e0 solid; white-space: pre-wrap; white-space: -pre-wrap; word-wrap: break-word; } table { border-collapse: collapse; border-spacing: 0px; font-family: Verdana;} table th { border-right: 2px white solid; border-bottom: 2px white solid; font-weight: bold; background-color: #cecf9c;} table td { border-right: 2px white solid; border-bottom: 2px white solid; background-color: #e5e5cc;}</style> </head> <body> <div id="content"> <p class="heading1">Service</p> <p>Method not allowed.</p> </div> </body> </html> ---------------------------------------------------------------------------------- <-----Debug Complete-----> ---------------------------------------------------------------------------------->
     
  2. Olaf

    Olaf Banned Scammer

    Messages:
    313
    Likes:
    144
    Ratio:
    0.11
    [​IMG]
     
  3. URK

    URK Member VIP

    Messages:
    496
    Likes:
    51
    Ratio:
    0.16
    thanks


    Code:
    Select All
    <---------------------------------------------------------------------------------- Site: https://apps.avianca.com/wcfLifeMilesMobileFE/api/members/SessionsServices.svc/LoginMW Debug of BOT 1 Combo: [email protected]:marujita80 Direct Connection ---------------------------------------------------------------------------------- <-----Bot Status: Authenticating-----> <-----Sent Headers-----> POST /wcfLifeMilesMobileFE/api/members/SessionsServices.svc/LoginMW HTTP/1.1 Accept: */* User-Agent: Opera/9.80 (Windows NT 6.0; U; en) Presto/2.2.0 Version/10.00 Host: apps.avianca.com Pragma: no-cache Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 53 Post Data: [email protected]&member_pwd=marujita80 <-----Received Headers-----> HTTP/1.1 400 Bad Request Content-Length: 1647 Content-Type: text/html Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sun, 23 Aug 2015 07:27:27 GMT <-----Received Source-----> <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Request Error</title> <style>BODY { color: #dddddd; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; } #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; } A:link { color: #336699; font-weight: bold; text-decoration: underline; } A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; } A:active { color: #336699; font-weight: bold; text-decoration: underline; } .heading1 { background-color: #003366; border-bottom: #336699 6px solid; color: #dddddd; font-family: Tahoma; font-size: 26px; font-weight: normal;margin: 0em 0em 10px -20px; padding-bottom: 8px; padding-left: 30px;padding-top: 16px;} pre { font-size:small; background-color: #e5e5cc; padding: 5px; font-family: Courier New; margin-top: 0px; border: 1px #f0f0e0 solid; white-space: pre-wrap; white-space: -pre-wrap; word-wrap: break-word; } table { border-collapse: collapse; border-spacing: 0px; font-family: Verdana;} table th { border-right: 2px white solid; border-bottom: 2px white solid; font-weight: bold; background-color: #cecf9c;} table td { border-right: 2px white solid; border-bottom: 2px white solid; background-color: #e5e5cc;}</style> </head> <body> <div id="content"> <p class="heading1">Request Error</p> <p>The server encountered an error processing the request. See server logs for more details.</p> </div> </body> </html> ---------------------------------------------------------------------------------- <-----Bot Status: 400 - Bad Request-----> ---------------------------------------------------------------------------------->
     
  4. tireN1337

    tireN1337 Well-Known Member Moderator Trusted Seller

    Messages:
    1,483
    Likes:
    2,512
    Ratio:
    0.71
    Try post(app/json)
     
  5. Olaf

    Olaf Banned Scammer

    Messages:
    313
    Likes:
    144
    Ratio:
    0.11
    you should probably learn how to make basic configs then to API's.
     
    Archer likes this.
  6. Tarwin

    Tarwin Advanced Member

    Messages:
    384
    Likes:
    315
    Ratio:
    3.09
    This is a stupid answer. Json isn't used alot on webpages so he wouldn't learn it anyway.
     
    Caillou likes this.
  7. Tarwin

    Tarwin Advanced Member

    Messages:
    384
    Likes:
    315
    Ratio:
    3.09
    The problem here is that you're trying to send the postdata with the wrong Content-Type. The server expects json but you're using www urlcoded. Change the HTTP method in the authentication stage to POST (json) and sentry will parse the postdata into json and the error should be fixed
     
  8. URK

    URK Member VIP

    Messages:
    496
    Likes:
    51
    Ratio:
    0.16
    Thanks




    I can make basic configs. I posted a listia.com config on here.

    Thanks, but still not working. I am just going to contact you on Skype and pay you to create it for me if possible. Then look at .ini file and learn from there like I have done in past with other configs.
     
  9. Nine

    Nine Basic Member

    Messages:
    211
    Likes:
    138
    Ratio:
    0.56
    If I'm looking at this properly, the post data you got from the app is not even close to what you put it as in the Authentication Stage.

    Password seems to be in Base64 or something too.
     
  10. URK

    URK Member VIP

    Messages:
    496
    Likes:
    51
    Ratio:
    0.16
    Yea I noticed that. I tried using variables, post data, and ticked "process error codes". Its something simple I am missing
    Code:
    Select All
    <---------------------------------------------------------------------------------- Site: https://apps.avianca.com/wcfLifeMilesMobileFE/api/members/SessionsServices.svc/LoginMW Debug of BOT 1 Combo: [email protected]:marujita80 Direct Connection ---------------------------------------------------------------------------------- <-----Received Source-----> Fake Socket Stage <-----Start Variables Computation-----> Computing Variable -> Urk Variable computed as -> Content-Type: application/json <-----Variables computed successfully in 0 ms-----> <-----Bot Status: Variables computed successfully -> Authenticating-----> <-----Sent Headers-----> POST /wcfLifeMilesMobileFE/api/members/SessionsServices.svc/LoginMWContent-Type: application/json HTTP/1.1 Accept: */* Referer: https://apps.avianca.com User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Host: apps.avianca.com Pragma: no-cache Connection: keep-alive Content-Type: application/json Content-Length: 247 Post Data: {"member_id":"[email protected]","member_pwd":"marujita80","\"{\\\"device_id\\\":\\\"eef0-a897-db05-aaad\\\",\\\"keep_signed\\\":\\\"N\\\",\\\"member_id\\\":\\\"[email protected]\\\",\\\"member_pwd\\\":\\\"marujita80\",\\\"os\\\":\\\"1\\\"}\"":""} <-----Received Headers-----> HTTP/1.1 400 Bad Request Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Mon, 24 Aug 2015 19:59:45 GMT Connection: close Content-Length: 311 <-----Received Source-----> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"> <HTML><HEAD><TITLE>Bad Request</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD> <BODY><h2>Bad Request</h2> <hr><p>HTTP Error 400. The request is badly formed.</p> </BODY></HTML> ---------------------------------------------------------------------------------- <-----Bot Status: 400 - Bad Request-----> ---------------------------------------------------------------------------------->
     
  11. Nine

    Nine Basic Member

    Messages:
    211
    Likes:
    138
    Ratio:
    0.56
    [​IMG]

    Seems you assigned the Content-Type wrong.
     
  12. Tarwin

    Tarwin Advanced Member

    Messages:
    384
    Likes:
    315
    Ratio:
    3.09
    Correct. You don't need to parse the json yourself. You just put them in the format of <fieldname>=<value> and sentry will then parse it to {"fieldname":"value"}
     

Share This Page