SV - DEV : automated forum bruteforce tester

[shamanvirtuel]

okay i found a way to limit AT MAXIMUM my capture but i will now be able parse the WHOLE FORUM

this need user select the type of forum, because for each major forum , the feature i use is available but not at the same place

for example for a vbulletin forum.......

i list all threads available in a forum in a text file

i get urls like that : http://forums.remote-exploit.org/showthread.php?t=10588

after a little sed remplacement session i get urls like that:
http://forums.remote-exploit.org/printthread.php?t=10588

if you follow the new link , you can reach the printable version of the thread, with no images & extra things we don't need for building our wordlist

........

like you see things are on their way ...

[shamanvirtuel]

éé
i already created the chromes mods and most of all code

i will give you the first screenshot of the window that popup from firefox tool bar
yes it's my first extension, and it's easy

i will maybe begin another for giving a web gui to ezpawn
.....

[drpepperONE]

Hi shamanvirtuel very nice job!!!You have always a right and new ideas!!!
Your Brain works a lot!!

I wanna know if this tools could be find any vulnerabilities about phpBB forum or forum that use apache+mysql+php (lamp).

If not it could be a very nice new functions because actualy ther's not a specific tool that found all the scurity holes of a forum.

Yes there are general purpose scanners/test vuln (like nessus, retina, gfi lan gaurd and so on...) but one only for web forum it could be an amazing new tool.

Thank you a lot man!!!

[shamanvirtuel]

tada !

the work is going well under this project , in order to thx you for your patience,
here is some details of the operative process behind the firefox extension im building.

SCENARIO :
you surf a vbulletin(only for moment) forum that you own and want to know if some dumb users have dumb accounts like foo/foo

open firefox menu /tools / SV Forum Stresser
a tool frame appears splitting your browser window
here you will see all operations

the scripts will do
1 dl the memberlist.php
2 find how many pages of users are available
3 generate links for download all username list page (not profile maybe later)
4 download all files (for example here 606 pages )
5 do a mass grep/lynx session under the dl files in order to extract only usernames found
6 store all that in a sqlite db silently
7 will duplicate the list in a password table and reverse chars use partial strings or just change caps via an automated process generating a BIG list of passwords from username list (to check dumb accounts)
8 now your ready to test

the fact is most of forums after 3 failed login will block your ip to login for 15 min or more . we can bypass this by setting up chained proxies silently and change our ip every 2 attempt (3 i bet the mods are warned)

now we will test .... how to do that ? a backgrounded hydra session against the forum login form , with multithreading (100 / 100), and ip spoofing auto.

once a valid idotic account is found , it will be store in the same database but in a table called "suckers"

once finished a popup will list you all valid account and will propose you to save session result

as both wget/hydra are resumable, i hope to make the whole process resumable and why net set a day of week options for automat all that . or anything .

some ideas...will come later ...

see u

[drpepperONE]

Nice shaman!!!!

Beaucoup complimentes

This is a very useful tools and I hope that this tool will became a TOTAL/GLOBAL vuln test for all kind of forum!!!

[shamanvirtuel]

it will be easily to support all kinds of forums, for the moment i support vbulletin 3.X.Y

[Munkey106]

Any progress with this?

[shamanvirtuel]

i had no time for it, but it's not abandoned...
i hope to reliz something for vbulletin in next weeks

[Munkey106]

Oh, cool. Thank you oh lord programmer