Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] apache-userdir-enum

From: David Fifield <david () bamsoftware com>
Date: Sat, 8 Aug 2009 14:58:51 -0600
On Wed, Jul 29, 2009 at 02:10:42AM +0100, jah wrote:

On 27/07/2009 22:56, David Fifield wrote:

I like this script. It's a good idea. Could it be combined with the
recently added http-enum.nse script? I like the idea of checking the
version detection results and only continuing if it matches "apache".


I envisioned the script being used for discovering usernames as a
precursor to a brute-force attempt over the same or other protocols
(e.g. telnet, ssh) and to better focus such an attempt on usernames that
are highly likely to exist on the target.  Key to this would be limiting
the number of false positives.
I think that there would be distinct reasons for running the http-enum
and apache-userdir scripts - one to find directories to explore and one
to find usernames - and in the latter case, it might be overkill to test
for all of the directories in http-enum (especially those not usually
found on apache servers).


Okay, I see now. This script isn't about finding web directories, it's
about enumerating users. It makes sense to have it separate. I would
like you to commit the script.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: