PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

o [NSE] Made http-wordpress-enum.nse able to get names of users who

Browse Source 
have no posts. [Duarte Silva]
This commit is contained in:
david
2011-10-01 02:02:06 +00:00
parent d9b7637fd8
commit 73db36a5a9
2 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/http-wordpress-enum.nse
View File

@@ -51,7 +51,12 @@ local function get_wp_user(host, port, path, id)
if req.status then
stdnse.print_debug(1, "%s: User id #%s returned status %s", SCRIPT_NAME, id, req.status)
if req.status == 301 then
local _, _, user = string.find(req.header.location, 'http://.*/.*/(.*)/')
local _, _, user = string.find(req.header.location, 'https?://.*/.*/(.*)/')
return user
elseif req.status == 200 then
-- Users with no posts get a 200 response, but the name is in an RSS link.
-- http://seclists.org/nmap-dev/2011/q3/812
local _, _, user = string.find(req.body, 'https?://.-/author/(.-)/feed/')
return user
end
end