infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correct wordpress_login_enum for #2301 

tabassassin created a mess and I failed to resolve it properly.
Attempt #2. See #2301.
bug/bundler_fix
sinn3r 2013-09-12 14:56:46 -05:00
parent 91b8ca8f22
commit 149312a4c0
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/auxiliary/scanner/http/wordpress_login_enum.rb
View File

@ -218,6 +218,12 @@ class Metasploit3 < Msf::Auxiliary
if (res and res.code == 301) if (res and res.code == 301)
uri = URI(res.headers['Location']) uri = URI(res.headers['Location'])
if uri.path =~ /\/author\/([[:print:]]+)\//
username = $1
print_good "#{uri.path} - Found user '#{username}' with id #{i.to_s}"
usernames << username
next
end
uri = "#{uri.path}?#{uri.query}" uri = "#{uri.path}?#{uri.query}"
res = send_request_cgi({ res = send_request_cgi({
'method' => 'GET', 'method' => 'GET',
@ -245,5 +251,4 @@ class Metasploit3 < Msf::Auxiliary
return usernames return usernames
end end
end
end