nuclei-templates/http/vulnerabilities/wordpress/wordpress-rdf-user-enum.yaml

id: wordpress-rdf-user-enum

info:
  name: Wordpress RDF User Enumeration
  author: r3dg33k
  severity: info
  description: Leaked Wordpress RDF leads to User Emumeration.
  metadata:
    max-request: 1
  tags: wordpress,enum

http:
  - method: GET
    path:
      - '{{BaseURL}}/feed/rdf'

    host-redirects: true

    matchers-condition: and
    matchers:
      - type: word
        part: header
        words:
          - "application/rdf+xml"

      - type: word
        part: body
        words:
          - "<rdf:RDF"
          - "<dc:creator>"
        condition: and

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - '<dc\:creator><\!\[CDATA\[(.*?)\]\]></dc'
# digest: 490a004630440220029b74ef22b0586f0c8d906ac39f346f81d8e40298879b4e17b2f31a8d679fd40220403538a23d730e4b77ab8b991908be5f81f4d2edbbd6fc8877cf7e669b20361f:922c64590222798bb761d5b6d8e72950
updating file name 2021-11-04 10:13:49 +00:00			`id: wordpress-rdf-user-enum`
Update and rename wordpress-rdf-user-enum.yaml to rdf-user-enumeration.yaml 2021-11-01 10:07:58 +00:00
Add files via upload 2021-10-30 10:46:56 +00:00			`info:`
Update and rename wordpress-rdf-user-enum.yaml to rdf-user-enumeration.yaml 2021-11-01 10:07:58 +00:00			`name: Wordpress RDF User Enumeration`
Add files via upload 2021-10-30 10:46:56 +00:00			`author: r3dg33k`
			`severity: info`
Updated descriptions of templates 2024-01-02 15:45:12 +00:00			`description: Leaked Wordpress RDF leads to User Emumeration.`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`metadata:`
			`max-request: 1`
templateman update 2023-10-14 11:27:55 +00:00			`tags: wordpress,enum`
Update wordpress-rdf-user-enum.yaml 2021-10-30 10:57:53 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
Add files via upload 2021-10-30 10:46:56 +00:00			`- method: GET`
			`path:`
			`- '{{BaseURL}}/feed/rdf'`
templateman update 2023-10-14 11:27:55 +00:00
Using "host-redirects" instead of "redirects" to avoid scanning 3rd party / out of scope hosts. (#5491) 2022-10-07 21:27:25 +00:00			`host-redirects: true`
Add files via upload 2021-10-30 10:46:56 +00:00
			`matchers-condition: and`
			`matchers:`
Update wordpress-rdf-user-enum.yaml 2021-11-01 10:00:54 +00:00			`- type: word`
			`part: header`
			`words:`
			`- "application/rdf+xml"`

			`- type: word`
			`part: body`
			`words:`
			`- "<rdf:RDF"`
			`- "<dc:creator>"`
			`condition: and`
Update wordpress-rdf-user-enum.yaml 2021-11-01 10:03:06 +00:00
Add files via upload 2021-10-30 10:46:56 +00:00			`- type: status`
			`status:`
			`- 200`
Update wordpress-rdf-user-enum.yaml 2021-10-30 10:57:53 +00:00
Add files via upload 2021-10-30 10:46:56 +00:00			`extractors:`
			`- type: regex`
			`part: body`
Update wordpress-rdf-user-enum.yaml 2021-11-01 10:00:54 +00:00			`group: 1`
Add files via upload 2021-10-30 10:46:56 +00:00			`regex:`
updating file name 2021-11-04 10:13:49 +00:00			`- '<dc\:creator><\!\[CDATA\[(.*?)\]\]></dc'`
Auto Template Signing [Mon Jan 15 11:49:24 UTC 2024] :robot: 2024-01-15 11:49:24 +00:00			`# digest: 490a004630440220029b74ef22b0586f0c8d906ac39f346f81d8e40298879b4e17b2f31a8d679fd40220403538a23d730e4b77ab8b991908be5f81f4d2edbbd6fc8877cf7e669b20361f:922c64590222798bb761d5b6d8e72950`