#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Cookies;
$host = @ARGV[0];
@badID = (1,2,3,4,5);
$arrSize = @badID;
$i = 2;
if (@ARGV < 1)
{
print "\n\n [-] Specify a host";
print "\n\n [!] Example: pm.pl http://www.sitename.com/path/\n\n";
exit(0);
}
loginPrompt();
sub login($$)
{
$browser = LWP::UserAgent->new(agent =>
'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461)' ,
);
$cookie_jar = HTTP::Cookies->new();
$browser->cookie_jar($cookie_jar);
$response = $browser->post( $host.'/index.php?act=Login&CODE=01',
[ 'referer' => '',
'UserName' =>$_[0],
'PassWord'=>$_[1],
'CookieDate' => '1',
'Privacy' => '1',
'submit'=>'Log me in' ]
);
$content = $response->content;
if ($content =~ /<head>/gmi)
{print "\n[-] INCORRECT LOGIN\n"; loginPrompt()}
else{msgInfo()}
}
sub spam()
{
for ($j = 0; $j <= $arrSize + 1; $j++)
{
if ($i > $uid){ print "\n\n
* Spamming Completed\n"; exit(0) }
if ($badID[$j] eq $i) { $i++; spam() }
}
sleep(15);
$res = $browser->get("$host/index.php?act=Msg&CODE=4&MID=$i");
$results = $res->content;
if ($results =~ /name="post_key" value="([a-f0-9]{32})"(.*)/){$postkey = $1;}
if ($results =~ /name="auth_key" value="([a-f0-9]{32})"(.*)/){$authkey = $2;}
if ($results =~ /name="entered_name"(.*) value="(.*?)"(.*)/gmi){$name = $3;}
$resp = $browser->post( "$host/index.php?act=msg",
[ 'removeattachid'=> '0',
'OID'=>'',
'act'=>'Msg',
'CODE'=>'04',
'MODE'=>'01',
'post_key'=> $postkey,
'auth_key'=>$authkey,
'entered_name'=>$name,
'msg_title'=> $subj,
'Post'=> $msg,
'post'=>'Submit', Referer => $host ]
);
print "\n [!] Message Sent to: $name with SID $SID";
if ($i > $uid){print "\n\n
* Spamming Completed\n"; exit(0)}
else{$i++;spam()}
}
sub loginPrompt()
{
print "\nEnter your login name: ";
chomp($id = <STDIN>);
print "\nEnter your password: ";
chomp($pass = <STDIN>);
login($id, $pass);
}
sub msgInfo()
{
print "\nEnter message subject: ";
chomp($subj = <STDIN>);
print "\nEnter your message: ";
chomp($msg = <STDIN>);
print "\nEnter highest uid: ";
chomp($uid = <STDIN>);
spam();
}
