Can't seem to figure this error out

yah0m's Avatar, Join Date: Jul 2008
Newbie Member
For a challenge, we have to code a script that can pull information from a web page and then use it to automate an action on that site. What I've chosen to try and do is code an IPB Forum Advertiser. The process is easy, but I can't seem to get it to work.

The Problem: so far I can't seem to get it to login and not sure what I'm doing wrong.

Code:
#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Cookies;
$host = @ARGV[0];
@badID = (1,2,3,4,5);
$arrSize = @badID;
$i = 2;

if (@ARGV < 1)
{
  print "\n\n [-] Specify a host";
  print "\n\n [!] Example: pm.pl http://www.sitename.com/path/\n\n";
  exit(0);
}
loginPrompt();
sub login($$)
{
  $browser = LWP::UserAgent->new(agent =>
        'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461)' ,
  );
  $cookie_jar = HTTP::Cookies->new();
  $browser->cookie_jar($cookie_jar);

    $response = $browser->post( $host.'/index.php?act=Login&CODE=01',
       [ 'referer' => '',
         'UserName' =>$_[0],
         'PassWord'=>$_[1],
     'CookieDate' => '1',
     'Privacy' => '1',
         'submit'=>'Log me in' ]
       );
$content = $response->content;

if ($content =~ /<head>/gmi)
{print "\n[-] INCORRECT LOGIN\n"; loginPrompt()}
else{msgInfo()}
}
sub spam()
{
  for ($j = 0; $j <= $arrSize + 1; $j++)
  {
   if ($i > $uid){ print "\n\n

    * Spamming Completed\n"; exit(0) }

   if ($badID[$j] eq $i) { $i++; spam() }
  }

     sleep(15);

     $res = $browser->get("$host/index.php?act=Msg&CODE=4&MID=$i");
     $results = $res->content;
     if ($results =~ /name="post_key" value="([a-f0-9]{32})"(.*)/){$postkey = $1;}
     if ($results =~ /name="auth_key" value="([a-f0-9]{32})"(.*)/){$authkey = $2;}
     if ($results =~ /name="entered_name"(.*) value="(.*?)"(.*)/gmi){$name = $3;}

     $resp = $browser->post( "$host/index.php?act=msg",
        [ 'removeattachid'=> '0',
          'OID'=>'',
          'act'=>'Msg',
          'CODE'=>'04',
          'MODE'=>'01',
          'post_key'=> $postkey,
          'auth_key'=>$authkey,
      'entered_name'=>$name,
          'msg_title'=> $subj,
      'Post'=> $msg,
          'post'=>'Submit', Referer => $host ]
        );

    print "\n [!] Message Sent to: $name with SID $SID";

    if ($i > $uid){print "\n\n

    * Spamming Completed\n"; exit(0)}

    else{$i++;spam()}
}
sub loginPrompt()
{
  print "\nEnter your login name: ";
  chomp($id = <STDIN>);
  print "\nEnter your password: ";
  chomp($pass = <STDIN>);
  login($id, $pass);
}
sub msgInfo()
{
  print "\nEnter message subject: ";
  chomp($subj = <STDIN>);
  print "\nEnter your message: ";
  chomp($msg = <STDIN>);
  print "\nEnter highest uid: ";
  chomp($uid = <STDIN>);
  spam();
}
naveen's Avatar
Go4Expert Member
Hi,

Without going through your code in great detail, I've a few points -

1) I'm not too sure if you can authenticate the way you are doing, using LWP::UserAgent. Also, you are calling the subroutine login with username and password as parameters, but nowhere in sub login you are using them.

2) WWW::Mechanize is a module which is used to automate tasks related to web page automation, authentication etc. You can have a look at it.

3) You need to post more detailed information about what you want to achieve. For eg. what is the content of the page you're leeching, what information you are extracting, what action you want to automate etc. Examples would be great.

4) Do you get any error on running your script? If yes, please post the complete error. Else state whatever is happening on running the script.

HTH