mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00

o [NSE] Made http-wordpress-enum.nse able to get names of users who

have no posts. [Duarte Silva]
david
2011-10-01 02:02:06 +00:00
parent d9b7637fd8
commit 73db36a5a9
2 changed files with 9 additions and 1 deletions


@@ -1,5 +1,8 @@
# Nmap Changelog ($Id$); -*-text-*- # Nmap Changelog ($Id$); -*-text-*-
o [NSE] Made http-wordpress-enum.nse able to get names of users who
have no posts. [Duarte Silva]
o Increased hop distance estimates from OS detection by one. The o Increased hop distance estimates from OS detection by one. The
distance now counts the number of hops including the final one to distance now counts the number of hops including the final one to
the target, not just the number of intermediate nodes. The IPv6 the target, not just the number of intermediate nodes. The IPv6


@@ -51,7 +51,12 @@ local function get_wp_user(host, port, path, id)
if req.status then if req.status then
stdnse.print_debug(1, "%s: User id #%s returned status %s", SCRIPT_NAME, id, req.status) stdnse.print_debug(1, "%s: User id #%s returned status %s", SCRIPT_NAME, id, req.status)
if req.status == 301 then if req.status == 301 then
local _, _, user = string.find(req.header.location, 'http://.*/.*/(.*)/') local _, _, user = string.find(req.header.location, 'https?://.*/.*/(.*)/')
return user
elseif req.status == 200 then
-- Users with no posts get a 200 response, but the name is in an RSS link.
-- http://seclists.org/nmap-dev/2011/q3/812
local _, _, user = string.find(req.body, 'https?://.-/author/(.-)/feed/')
return user return user
end end
end end
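Review bot: The new 200 branch takes the user name from `req.body` with an unbounded `(.-)`, and because `.` in a Lua pattern also matches newlines and markup, the capture can run from an earlier `/author/` link to a later `/feed/` and carry arbitrary server-supplied HTML into the script output. Restricting both wildcards keeps the result to one path segment: `local _, _, user = string.find(req.body, 'https?://[^%s"\'<>]-/author/([^/%s"\'<>]+)/feed/')`. The 301 branch is similarly loose with its greedy `.*`, and it passes `req.header.location` to `string.find` without a nil check, so a redirect that lacks a Location header would presumably raise an error; wrapping the match in `if req.header.location then` would cover that. get_wp_user starts and ends outside this hunk, so how the caller treats a nil or odd-looking `user` is not visible here.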