Member Avatar for w0h0m

For a challenge, we have to code a script that can pull information from a web page and then use it to automate an action on that site. What I've chosen to try and do is code an IPB Forum Advertiser. The process is easy, but I can't seem to get it to work.

The Problem: so far I can't seem to get it to login and not sure what I'm doing wrong.

#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Cookies;
$host = @ARGV[0];
@badID = (1,2,3,4,5);
$arrSize = @badID;
$i = 2;

if (@ARGV < 1)
{
  print "\n\n [-] Specify a host";
  print "\n\n [!] Example: pm.pl http://www.sitename.com/path/\n\n";
  exit(0);
}
loginPrompt();
sub login($$)
{
  $browser = LWP::UserAgent->new(agent =>
        'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461)' ,
  );
  $cookie_jar = HTTP::Cookies->new();
  $browser->cookie_jar($cookie_jar);

    $response = $browser->post( $host.'/index.php?act=Login&CODE=01',
       [ 'referer' => '',
         'UserName' =>$_[0],
         'PassWord'=>$_[1],
     'CookieDate' => '1',
     'Privacy' => '1',
         'submit'=>'Log me in' ]
       );
$content = $response->content;

if ($content =~ /<head>/gmi)
{print "\n[-] INCORRECT LOGIN\n"; loginPrompt()}
else{msgInfo()}
}
sub spam()
{
  for ($j = 0; $j <= $arrSize + 1; $j++)
  {
   if ($i > $uid){ print "\n\n

    * Spamming Completed\n"; exit(0) }

   if ($badID[$j] eq $i) { $i++; spam() }
  }

     sleep(15);

     $res = $browser->get("$host/index.php?act=Msg&CODE=4&MID=$i");
     $results = $res->content;
     if ($results =~ /name="post_key" value="([a-f0-9]{32})"(.*)/){$postkey = $1;}
     if ($results =~ /name="auth_key" value="([a-f0-9]{32})"(.*)/){$authkey = $2;}
     if ($results =~ /name="entered_name"(.*) value="(.*?)"(.*)/gmi){$name = $3;}

     $resp = $browser->post( "$host/index.php?act=msg",
        [ 'removeattachid'=> '0',
          'OID'=>'',
          'act'=>'Msg',
          'CODE'=>'04',
          'MODE'=>'01',
          'post_key'=> $postkey,
          'auth_key'=>$authkey,
      'entered_name'=>$name,
          'msg_title'=> $subj,
      'Post'=> $msg,
          'post'=>'Submit', Referer => $host ]
        );

    print "\n [!] Message Sent to: $name with SID $SID";

    if ($i > $uid){print "\n\n

    * Spamming Completed\n"; exit(0)}

    else{$i++;spam()}
}
sub loginPrompt()
{
  print "\nEnter your login name: ";
  chomp($id = <STDIN>);
  print "\nEnter your password: ";
  chomp($pass = <STDIN>);
  login($id, $pass);
}
sub msgInfo()
{
  print "\nEnter message subject: ";
  chomp($subj = <STDIN>);
  print "\nEnter your message: ";
  chomp($msg = <STDIN>);
  print "\nEnter highest uid: ";
  chomp($uid = <STDIN>);
  spam();
}
  • 4 Contributors
  • 3 Replies
  • 150 Views
  • 1 Week Discussion Span
  • Latest Post Latest Post by Major Major
Member Avatar for KevinADC

I nominate you for forum cross-poster of the month award. Thats three perl forums so far I have seen this same question posted on.

Member Avatar for chaosprime

Y'know, that sorta looks less like a 'challenge' and more like an actual forum abuse script.

Member Avatar for Major Major

Y'know, that sorta looks less like a 'challenge' and more like an actual forum abuse script.

You're right. especially when "spamming complete" shows up at least twice in the code.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.