[C#] TC Auth System

Made this very quick in visual c# 2010.. hope you can use it for your next bawts?

Code:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Net;
using System.IO;

namespace WindowsFormsApplication1
{
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
        }

        private void Form1_Load(object sender, EventArgs e)
        {

        }

        private void button1_Click(object sender, EventArgs e)
        {
            string srrend = "";
            string auth = "http://www.truecheaters.com/forums/tcauth.php?user=" + auser.Text + "&pass=" + apass.Text;

            WebResponse objResponse;
            WebRequest objRequest = System.Net.HttpWebRequest.Create(auth);

            objResponse = objRequest.GetResponse();

            using (StreamReader sr = new StreamReader(objResponse.GetResponseStream()))
            {
                srrend = sr.ReadToEnd();
                sr.Close();
                if (srrend.Equals("1"))
                {
                    label1.Text = ("Wrong user/pass");

                }
                else if (srrend.Equals("0"))
                {
                    label1.Text = ("Thanks for supporting TC!");
                }
                
            }
        }
    }
}

Source:
http://www.mediafire.com/download.php?zeqidylm0me

Thank you gjong

To more secure the auth you can check if the DNS resolve of truecheaters is anything but "127.0.0.1", or if TC has a dedicated IP check soley for that. That will stop redirection to other websites or the host file trick.

Dear Experts!,
please make a tutorial for the problem of logging in a website
How to login a website like mine: http://sieuthinhadat.com
Come here to login http://sieuthinhadat.com/component/u...=8&theme=buyer

Use fire bug (a firefox plugin) you' ll get some thing like:
<input type="hidden" value="com_user" name="option">
<input type="hidden" value="login" name="task">
<input type="hidden" value="buyer" name="theme"><input type="hidden" <input type="hidden" <input type="hidden" value="aW5kZXgucGhwP29wdGlvbj1jb21fcmVhbGVzdGF0ZSZwYXJ0PW 1hbmFnZSZ0YXNrPWxpc3RfcnMmSXRlbWlkPTgmdGhlbWU9YnV5 ZXI=" name="return">
<input type="hidden" value="1" name="887fe0d4e17d3f377c4c2afb23fb17f8">

If you press the "Đăng Nhập" button to log in, with the conanonanoc@yahoo.com: and password: comein123 then

In Live HTTP headers ( a firefox addon ) you'll get :
POST /component/user/index.php username= conanonanoc%40yahoo.com&passwd= comein123&Submit=%C4%90%C4%83ng+Nh%E1%BA%ADp&option=com_use r&task=login&theme=buyer&return=aW5kZXgucGhwP29wdGlvbj1jb21fcmVhbGVzdGF0ZSZwYXJ0PW 1hbmFnZSZ0YXNrPWxpc3RfcnMmSXRlbWlkPTgmdGhlbWU9YnV5 ZXI%3D&887fe0d4e17d3f377c4c2afb23fb17f8=1

(I have colored what are exactly the same)
I don't know how to use C # to find those hidden values.
I think, if this problem is resolved, many related problems are resolved, and the tutorial will be the great useful for anyone want to mak bots to know how to find the clue!

You have to use regex, although I'm not quite sure how you do that with C#.

Originally Posted by zSteelo

You have to use regex, although I'm not quite sure how you do that with C#.

what regex is? and why should we use regex?

Originally Posted by GjonG

Made this very quick in visual c# 2010.. hope you can use it for your next bawts?

Code:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Net;
using System.IO;

namespace WindowsFormsApplication1
{
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
        }

        private void Form1_Load(object sender, EventArgs e)
        {

        }

        private void button1_Click(object sender, EventArgs e)
        {
            string srrend = "";
            string auth = "http://www.truecheaters.com/forums/tcauth.php?user=" + auser.Text + "&pass=" + apass.Text;

            WebResponse objResponse;
            WebRequest objRequest = System.Net.HttpWebRequest.Create(auth);

            objResponse = objRequest.GetResponse();

            using (StreamReader sr = new StreamReader(objResponse.GetResponseStream()))
            {
                srrend = sr.ReadToEnd();
                sr.Close();
                if (srrend.Equals("1"))
                {
                    label1.Text = ("Wrong user/pass");

                }
                else if (srrend.Equals("0"))
                {
                    label1.Text = ("Thanks for supporting TC!");
                }
                
            }
        }
    }
}

Source:
http://www.mediafire.com/download.php?zeqidylm0me

What will you do if the password is encrypted before POST back to the server?
For instance: If you log in a vbulletin forum, the password is encrypted, so the POST data look like:
POST /login.php?do=login vb_login_username=someusername&cookieuser=1&vb_login_password=&s=&securitytoken= guest&do=login&vb_login_md5password=2b9b3911a7eac4bc914bfa80cf06058f&vb_login_md5password_utf=2b9b3911a7eac4bc914bfa80cf06058f
You can see the encrypted password is 2b9b3911a7eac4bc914bfa80cf06058f. It is encrypted by the functions in the js file :vbulletin_md5.js

The html code is:

<form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">

<script type="text/javascript" src="clientscript/vbulletin_md5.js?v=372"></script>


My question is: How can I use the function md5hash in the vbulletin_md5.js (I have downloaded this to C:/script/vbulletin_md5.js) to gennerate the encrypted password string?

ok, i just look at it, and its similar to C++ which I am currently relearning, don't you need to define srrend = sr.ReadToEnd(); ?
?