id: Wordpress-RDF-User-Enum
info:
  name: Wordpress-RDF-User-Enumeration
  author: r3dg33k
  severity: info
  reference: N/A
  tags: wordpress

requests:
  - method: GET
    path:
      - '{{BaseURL}}/feed/rdf'
    redirects: true

    matchers-condition: and
    matchers:

      - type: word
        part: header
        words:
          - "application/rdf+xml"

      - type: word
        part: body
        words:
          - "<rdf:RDF"
          - "<dc:creator>"
        condition: and

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - '<dc:creator><!\[CDATA\[([a-z]+)\]\]><\/dc:creator>'