Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] http-drupal-users

From: Djalal Harouni <tixxdz () opendz org>
Date: Wed, 21 Mar 2012 11:52:59 +0100
On Tue, Mar 20, 2012 at 11:45:11PM -0400, Patrik Karlsson wrote:

On Tue, Mar 20, 2012 at 4:26 AM, M. Hani Benhailes <kroosec () gmail com>wrote:


Hi list,

Attached is a script for Drupal usernames enumeration.

description = [[
Enumerates Drupal users by exploiting a an information disclosure
vulnerability in Views, Drupal's most popular module.

Requests to admin/views/ajax/autocomplete/**user/STRING return all
usernames that begin with STRING.
The script works by iterating STRING over letters to extract all usernames.

For more information,see:
 * http://www.madirish.net/node/**465 <http://www.madirish.net/node/465>
]]

--@output
-- Interesting ports on some.web.site (123.123.123.123):
-- PORT   STATE SERVICE REASON
-- 80/tcp open  http    syn-ack
-- | http-drupal-users:
-- |   admin
-- |   alex
-- |   manager
-- |_  user

Cheers,
Hani.

--
M. Hani Benhabiles
OWASP Algeria Student Chapter: Founder/President.
http://www.owaspalgeriasc.org
https://www.owasp.org/index.**php/Algeria_Student_Chapter<https://www.owasp.org/index.php/Algeria_Student_Chapter>
Email: hani.benhabiles () owasp org

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



Great work Hani! I tested the script against a few sites and it worked
great.
I've committed the script as r28309 with some minor changes.

Patrik the script was committed as http-drupal-users-enum.nse but usage
examples and arguments are using 'http-drupal-users', output tag also.

Thanks Hani, Patrik.

-- 
tixxdz
http://opendz.org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: