For a challenge, we have to code a script that can pull information from a web page and then use it to automate an action on that site. What I've chosen to try and do is code an IPB Forum Advertiser. The process is easy, but I can't seem to get it to work.

The Problem: so far I can't seem to get it to login and not sure what I'm doing wrong.

#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Cookies;
$host = @ARGV[0];
@badID = (1,2,3,4,5);
$arrSize = @badID;
$i = 2;

if (@ARGV < 1)
{
  print "\n\n [-] Specify a host";
  print "\n\n [!] Example: pm.pl http://www.sitename.com/path/\n\n";
  exit(0);
}
loginPrompt();
sub login($$)
{
  $browser = LWP::UserAgent->new(agent =>
        'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461)' ,
  );
  $cookie_jar = HTTP::Cookies->new();
  $browser->cookie_jar($cookie_jar);

    $response = $browser->post( $host.'/index.php?act=Login&CODE=01',
       [ 'referer' => '',
         'UserName' =>$_[0],
         'PassWord'=>$_[1],
     'CookieDate' => '1',
     'Privacy' => '1',
         'submit'=>'Log me in' ]
       );
$content = $response->content;

if ($content =~ /<head>/gmi)
{print "\n[-] INCORRECT LOGIN\n"; loginPrompt()}
else{msgInfo()}
}
sub spam()
{
  for ($j = 0; $j <= $arrSize + 1; $j++)
  {
   if ($i > $uid){ print "\n\n

    * Spamming Completed\n"; exit(0) }

   if ($badID[$j] eq $i) { $i++; spam() }
  }

     sleep(15);

     $res = $browser->get("$host/index.php?act=Msg&CODE=4&MID=$i");
     $results = $res->content;
     if ($results =~ /name="post_key" value="([a-f0-9]{32})"(.*)/){$postkey = $1;}
     if ($results =~ /name="auth_key" value="([a-f0-9]{32})"(.*)/){$authkey = $2;}
     if ($results =~ /name="entered_name"(.*) value="(.*?)"(.*)/gmi){$name = $3;}

     $resp = $browser->post( "$host/index.php?act=msg",
        [ 'removeattachid'=> '0',
          'OID'=>'',
          'act'=>'Msg',
          'CODE'=>'04',
          'MODE'=>'01',
          'post_key'=> $postkey,
          'auth_key'=>$authkey,
      'entered_name'=>$name,
          'msg_title'=> $subj,
      'Post'=> $msg,
          'post'=>'Submit', Referer => $host ]
        );

    print "\n [!] Message Sent to: $name with SID $SID";

    if ($i > $uid){print "\n\n

    * Spamming Completed\n"; exit(0)}

    else{$i++;spam()}
}
sub loginPrompt()
{
  print "\nEnter your login name: ";
  chomp($id = <STDIN>);
  print "\nEnter your password: ";
  chomp($pass = <STDIN>);
  login($id, $pass);
}
sub msgInfo()
{
  print "\nEnter message subject: ";
  chomp($subj = <STDIN>);
  print "\nEnter your message: ";
  chomp($msg = <STDIN>);
  print "\nEnter highest uid: ";
  chomp($uid = <STDIN>);
  spam();
}

Recommended Answers

All 3 Replies

I nominate you for forum cross-poster of the month award. Thats three perl forums so far I have seen this same question posted on.

Y'know, that sorta looks less like a 'challenge' and more like an actual forum abuse script.

Y'know, that sorta looks less like a 'challenge' and more like an actual forum abuse script.

You're right. especially when "spamming complete" shows up at least twice in the code.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.