File http-drupal-enum-users

Script types: portrule
Categories: discovery, intrusive
Download: http://nmap.org/svn/scripts/http-drupal-enum-users.nse

User Summary

Enumerates Drupal users by exploiting an information disclosure vulnerability in Views, Drupal's most popular module.

Requests to admin/views/ajax/autocomplete/user/STRING return all usernames that begin with STRING. The script works by iterating STRING over letters to extract all usernames.

For more information, see: http://www.madirish.net/node/465
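
On the defensive side, the prefix iteration described above leaves a recognisable trace in web server access logs: one client requesting many distinct STRING values from the autocomplete path. The following is an added example, not part of the Nmap script or its documentation; the combined log format, the threshold of 5 and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Path fragment from the script description; matched anywhere in the request
# target so a non-root base path (the script's "root" argument) is covered.
AUTOCOMPLETE = re.compile(r"admin/views/ajax/autocomplete/user/([^/?&\s]*)")
# Common/combined access-log format: client IP first, request line in quotes.
LOG_LINE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]*\] "(?:GET|POST|HEAD) (\S+)[^"]*" (\d{3})')

def find_enumerators(lines, min_prefixes=5):
    """Return {client_ip: sorted prefixes} for clients that queried at least
    min_prefixes distinct autocomplete strings (threshold is an assumption)."""
    seen = defaultdict(set)
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip malformed or unparseable lines
        client, target, _status = m.groups()
        # Decode first so percent-encoded paths (e.g. in ?q=) are also caught.
        hit = AUTOCOMPLETE.search(unquote(target))
        if hit:
            seen[client].add(hit.group(1).lower())
    return {ip: sorted(p) for ip, p in seen.items() if len(p) >= min_prefixes}

# Constructed sample log: 192.0.2.10 walks the alphabet, 198.51.100.7 is an
# administrator typing one name into the Views UI.
SAMPLE_LOG = [
    f'192.0.2.10 - - [01/Jan/2024:10:00:{i:02d} +0000] '
    f'"GET /drupal/admin/views/ajax/autocomplete/user/{c} HTTP/1.1" 200 64'
    for i, c in enumerate("abcdefgh")
] + [
    '198.51.100.7 - - [01/Jan/2024:10:05:00 +0000] '
    '"GET /admin/views/ajax/autocomplete/user/al HTTP/1.1" 200 40',
    '198.51.100.7 - - [01/Jan/2024:10:05:01 +0000] '
    '"GET /admin/views/ajax/autocomplete/user/ale HTTP/1.1" 200 40',
    '203.0.113.5 - - [01/Jan/2024:10:06:00 +0000] "GET /node/1 HTTP/1.1" 200 5120',
    'garbage line',
]

if __name__ == "__main__":
    for ip, prefixes in find_enumerators(SAMPLE_LOG).items():
        print(f"{ip}: {len(prefixes)} distinct prefixes: {', '.join(prefixes)}")
```

Counting distinct prefixes rather than raw requests keeps a legitimate user of the autocomplete field, who types a handful of strings, below the threshold.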

Script Arguments

http-drupal-enum-users.root

base path. Defaults to "/"

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script=http-drupal-enum-users --script-args http-drupal-enum-users.root="/path/" <targets>

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-drupal-enum-users:
|   admin
|   alex
|   manager
|_  user

Requires


Author: Hani Benhabiles

License: Same as Nmap--See http://nmap.org/book/man-legal.html
