anyForm is a lightweight form brute-forcing tool that can break any form that contains a username and a password fields.
At this time, anyForm is still at early stage development, functionalities are very limited but they are good enough for classical web forms.
anyForm is so plain and simple you only have to pass by a few steps and your brute-force attack is all ready. Follow these steps to successfully start cracking passwords:
$ perl anyform.pl
set url <your_form_url>
set users <users_list>
set passwords <passwords_list>
set userField <field_name_from_html_source>
set passField <field_name_from_html_source>
set ssMsg <success_message_source>
If you need to get more in depth of anyForm here is the list of anyForm commands:
|set url <value>||Setting the form url to a new value||set url http://www.example.com/form1.php|
|set users <value>||Give users list a new value||set users users_list.txt|
|set passwords <value>||Give passwords list a new value||set passwords passwords_list.txt|
|set userField <value>||Enter the value of the user field (as in the html||set userField username|
|set passField <value>||Enter the value of the password field (as in the||set userField password|
|set ssMsg <value>||Setting the success string to test on||set ssMsg success.txt|
|help||Show this help message|
This version of anyForm is very basic, later version will have better functionalities and trust me, you will love it. Here is the list of the to-be-added functionalities:
Do you have a new idea? Or you think anyForm is missing something? Simply make a new pull request or contact me @ [email protected] to suggest changes.
An error has occurred and you have no clue what caused it? Don't panic, as mentioned above anyForm is still at early stage development, errors and bugs might occur, just make a new issue or contact me @ [email protected] for bug report.