Conformer is a penetration testing tool, mostly used for external assessments to perform password-based attacks against common webforms. Conformer was created from a need for password guessing against new web forms, without having to do prior Burp work each time, and wanting to automate such attacks. Conformer is modular, with many different parameters and options that can be customized to make for a powerful attack. Conformer has been used in countless assessments to obtain valid user credentials for accessing the internal environment through VPN, other internal resources or data to further the assessment.

About Mikhail Burshteyn

Mikhail Burshteyn is a security consultant at CDW, performing Penetration Tests. Mikhail currently performs External, Internal, Wireless, and Social Engineering assessments, testing the capabilities for a wide range of clients and industries. He is interested in research in various security topics, including Networking, Web Apps, and Active Directory.

Key features:

- Basic Detection of Web Portals
- Modular
  - SonicWallVOffice (SonicWall Virtual Office)
  - CiscoSSLVPN
  - Netscaler (Citrix Netscaler)
  - OWA (Versions 2013/2016)
  - Gmail (mail.google.com)
  - Office365 (outlook.office.com)
  - PaloAlto (GlobalProtect VPN)
  - SharePoint (Not Office365 integrated)
  - XenMobile
  - AUTO (Autodetect module) (Can't be used with disable_check flag)
  - SMB (Windows Auth. / supports NT Hash)
- Password=Username option
- Combo File option
- Threading
- Non-standard Ports
- Log and Debug files
- Modules and parameters are case insensitive.
- Additional parameters can be added besides username and password.

Syntax

    conformer.sh <HOST_IP/Hostname><:PORT>(optional) <Username or Users_File> <Password<\&par1=val1\&par2=val2>(optional) or Pass_File> <Portal Type> <DISABLE_CHECK>(optional) <DEBUG=file>(optional) <LOG=file>(optional) <THREAD=n>(optional)

At a bare minimum, Conformer needs to be provided a host, a username or username file, a password or password file, and a module.

Ex.

    conformer.sh outlook.office.com ~/path/to/username/file Password1 Office365
    conformer.sh 192.168.10.5 testuser Password1 SMB

Each Conformer module has a function that performs a basic check of whether the webpage hosts the portal that password guessing is attempted on. This check can be bypassed with the "disable_check" parameter, which should be used if the basic check is wrong and fails to identify the portal as correct.

Ex.

    # In this example, conformer is being used against google.com with the CiscoSSLVPN module; the expected reply is that the portal is not compatible.
    conformer.sh google.com testuser Password1 CiscoSSLVPN
    Either not a CiscoSSLVPN portal, or not compatible version. Exiting...