Apache Users 1.0

Apache Users project is an Apache username enumerator, via /~username requests. This script uses a list of common system names like root, admin etc ...

You should manually check the issue to establish the http return code, ie: 403 as this is needed for the command line. No native SSL support.

USAGE apache.pl -h 1.2.3.4 -l names -p 80 (No SSL Support) -e 403 (http code)

Sample script:

use IO::Socket;
use Getopt::Std;
getopt ("h: l: p: e: ");
use vars qw( $opt_h $opt_l $opt_p $opt_e );


if ((! $opt_h) || (! $opt_l ) || (! $opt_p ) || (! $opt_e)) {
print "nUSAGE: apache.pl -h 1.2.3.4 -l names -p 80 (No SSL Support) -e 403 (http code)nn ";

exit 1;
};

$host = $opt_h;
$list = $opt_l;
$port = $opt_p;
$num = $opt_e;

open (LIST, "$list") or die "Unable to open $list ....$!";

&connect;
exit 0;


sub connect {

foreach $name (< LIST >) {


$connection = IO::Socket::INET->new (
Proto => "tcp",
PeerAddr => "$host",
PeerPort => "$port",
) or die "Can't CONNECT to $host on the Port specified.n";

$connection -> autoflush;

chomp $name;
print $connection "GET /~$name HTTP/1.0rnrn";


$results = < $connection >;
if ( $results =~/($num)/g ) {
print "$name exists on $hostn";
};

}

close ($connection);

sleep 1;
};
close LIST;

Product's homepage

Requirements:

· Perl