Traduccion a Perl (mega buggeada) del script que hizo Javier de PortalHacker para poder leer los mensajes privados y listar las categorias de un foro SMF.
El codigo
#!usr/bin/perl
#SMF Manager 0.00001
#Coded By Doddy H
#ppm install http://www.bribes.org/perl/ppm/HTML-Strip.ppd
use LWP::UserAgent;
use HTTP::Cookies;
use HTML::Strip;
my $nave = LWP::UserAgent->new(
cookie_jar => HTTP::Cookies->new(),
requests_redirectable => [],
timeout => 5,
agent =>
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
print qq(
@@@ @ @ @@@@@ @ @
@ @ @ @ @ @ @
@ @@ @@ @ @@ @@
@ @@ @@ @ @@ @@ @@@ @ @@ @@@ @@@@ @@@ @@
@@@ @ @ @ @ @@@@ @ @ @ @ @ @@ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @@@@ @ @ @@@@ @ @ @@@@@ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@@@ @ @ @ @ @ @@@@ @ @ @@@@ @@@@ @@@ @
@
@@@@
);
print "\n\n[+] Page : ";
chomp( my $url = <stdin> );
print "\n[+] Username : ";
chomp( my $usera = <stdin> );
print "\n[+] Password : ";
chomp( my $passa = <stdin> );
## Login
print "\n[+] Connecting ....\n\n";
my $code = $nave->post(
$url . "/index.php?action=login2",
{
"user" => $usera,
"passwrd" => $passa,
"cookielength" => "9000",
"hash_passwrd" => "",
"submit" => "submit"
}
);
if ( $code->is_redirect ) {
#print $code->header('location'),"\n";
}
elsif ( $code->is_success ) {
print $code->as_string, "\n";
}
else {
print STDERR $code->status_line, "\n";
}
my $code = toma( $url . "/SSI.php?ssi_function=welcome" );
if ( $code =~ /Hola, <strong>(.*)<\/strong>/ ) {
my $name = $1;
print "[+] Welcome $name\n";
}
else {
print "[-] Error\n";
}
##
while (1) {
print "\n[+] Options\n\n";
print "1 - See MP\n";
print "2 - Navegate\n";
print "3 - Exit\n";
print "\n[+] Option : ";
chomp( my $op = <stdin> );
if ( $op eq "3" ) {
exit(1);
}
if ( $op eq "1" ) {
print qq(
@ @ @@@@@
@ @ @ @
@@ @@ @ @
@@ @@ @ @
@ @ @ @ @@@@@
@ @ @ @ @
@ @ @ @
@ @ @ @
@ @ @
);
mps($url);
}
if ( $op eq "2" ) {
print qq(
@ @
@@ @ @
@@ @ @
@ @ @ @@@ @ @ @@@ @@@@ @@@ @@ @@@
@ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @@@@ @ @ @@@@@ @ @ @@@@ @ @@@@@
@ @@ @ @ @ @ @ @ @ @ @ @ @
@ @@ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @@@@ @ @@@ @@@@ @@@@ @ @@@
@
@@@@
);
my $chau2 = 0;
while ( $chau2 eq 0 ) {
print "\n[+] 1 - List Categories\n";
print "[+] 2 - Exit\n";
print "\n[+] Option : ";
chomp( my $op = <stdin> );
if ( $op eq "1" ) {
print "\n[+] Searching ...\n\n";
my $code = toma($url);
while ( $code =~
/<a class=\"subject\" href=\"(.*?)\" name=(.*?)>(.*?)<\/a>/migs
)
{
print "[+] ID : $2 [+] Name : $3\n";
}
}
else {
$chau2 = 1;
}
}
}
}
#gets_list_mp();
#gets_msg_mp();
#gets_msg_now();
sub mps {
my $url = shift;
my $chau = "0";
print "\n[+] Searching pages ..\n";
my @founds = gets_list_mp($url);
my $count = int(@founds);
print "\n[+] Pages Found : $count\n";
while ( $chau eq 0 ) {
print "\n[+] 1 - Get List Messages\n";
print "[+] 2 - Read Message\n";
print "[+] 3 - Exit\n";
print "\n[+] Option : ";
chomp( my $op = <stdin> );
if ( $op eq "1" ) {
print "\n[+] Number Page : ";
chomp( my $op = <stdin> );
print "\n[+] Searching ..\n";
gets_msg_mp( $founds[ $op - 1 ] );
}
elsif ( $op eq "2" ) {
print "\n[+] Number Page : ";
chomp( my $n = <stdin> );
print "\n[+] ID : ";
chomp( my $id = <stdin> );
print "\n[+] Reading ...\n";
gets_msg_now( $founds[ $n - 1 ], $id );
}
else {
$chau = 1;
}
}
}
sub gets_msg_now {
my $url = toma( $_[0] );
my $id = "msg_" . $_[1];
if ( $url =~ /<div class=\"inner\" id=\"$id\">(.*?)<\/div>/mig ) {
my $uno = HTML::Strip->new( emit_spaces => 1 );
my $final = $uno->parse($1);
$final =~ s/^[\t\f ]+|[\t\f ]+$//mg;
print "\n[START]\n\n";
print $final;
print "\n\n[END]\n\n";
}
}
sub gets_msg_mp {
my $url = toma( $_[0] );
my @ids;
my @asunto;
my @nombre;
while ( $url =~ /<td><a href=\"#msg(.*?)\">(.*?)<\/a><\/td>/migs ) {
#print "$1 $2\n";
push( @ids, $1 );
push( @asunto, $2 );
}
while ( $url =~ /Ver perfil de (.*?)">/migs ) {
#print "$1\n\n";
push( @nombre, $1 );
}
my $total = int(@ids) - 1;
for my $num ( 0 .. $total ) {
print "[+] ID : "
. $ids[$num]
. " [+] Asunto : "
. $asunto[$num]
. " [+] De : "
. $nombre[$num] . "\n";
}
}
sub gets_list_mp {
my $url = shift;
my @paginas;
my $code = toma( $url . "/index.php?action=pm" );
push( @paginas, $url . "/index.php?action=pm" );
while ( $code =~ /<a class="navPages" href="(.*?)">(.*?)<\/a>/migs ) {
push( @paginas, $1 );
}
my @paginas = repes(@paginas);
return @paginas;
}
sub repes {
my @limpio;
foreach $test (@_) {
push @limpio, $test unless $repe{$test}++;
}
return @limpio;
}
sub toma {
return $nave->get( $_[0] )->content;
}
sub tomar {
my ( $web, $var ) = @_;
return $nave->post( $web, [ %{$var} ] )->content;
}
#The End ?
AVISO : Solo esta probado en el foro PortalHacker.
Para correrlo en Mac, o derivados de bsd, lo primero que hay que hacer es descargar HTML-Strip del siguiente enlace:
http://search.cpan.org/~kilinrax/HTML-Strip/
Luego descomprimen el archivo, se posicionan en el directorio y ejecutan lo siguiente:
sudo perl Makefile.PL
sudo make
sudo make install
Seguramente en derivados de UNIX la instalacion sea igual.
Sobre el script:
1.- El código deberia revisarse.
2.- Hay funcionalidades que no caminan correctamente.
Buen complemento andresgg
solo lo hice para traducir un codigo que me gusto en portalhacker por eso le faltan todos los controles en las expresiones regulares ademas de que hay problemas con los cookies que no pude arreglar.
igual gracias por las sugerencias.