This has been bothering me for awhile now...

My buddy has a web server and hosts a few sites. One of his sites has a forum with a login function. He knows I play around with pentesting and such, and challenged me to crack the security on the login.

At first I went through a few basic sweeps, tried SQL injection, tried modifying the source code to bypass it. The basic stuff didn't work, and I'm still working on it. I have one question, though.

I'm sort of familiar with password crackers such as Cain and John the Ripper. I'm wondering, is there a program that can run a wordlist through a website login form? Does anybody have any ideas on the matter?

Thanks in advance.