I'm pretty sure I just posted this, I must've forgotten to press the submit button?
Anyway
I don't have time to write this myself, classes start this week, you're free to use it though. If it's not done by the upcoming weekend I'll see if I can find some time.
AOK
Before reading, get a rough idea of the HTTP protocol:
HTTP Made Really Easy
Pretty much, how it works is you create a http client that will 'POST' post data to the email recovery page, use "Live HTTP Header" to look at the communication between firefox and Nexon servers. There are certain post variables that hold your Email, and the date of birth. What you'll be doing is bruteforcing through a specified number of years with a proxy. It shouldn't take too long considering the number of possibilities(provided you stick to a small range of years.). I suggest you use a proxy(several actually). When you send the POST request, the server will reply, either compare with the content length(It should be one of two lengths depending on whether the recovery failed or not). Or decode the content sent to your client, and search for a success\failed signature.
Download my jttp source files in C++ section if you want some modules that will generate the http headers you need.