There are several features added to the SMF 1.1.19 codebase, and I don't believe the code for these features is public. Some of the modifications to SMF 1.1.19 may have been to close security holes/issues.

While following the terms in the OP (which primarily consist of the requirement that PenTesters not cause disruption to the forum, and not access 3rd party data, you can find security weaknesses in the forum software, and collect the respective bounties.