Description
This plugin will try to find user home directories based on the knowledge gained by other plugins, and an internal knowledge base. For example, if the target URL is:
- http://test/
And other plugins found this valid email accounts:
This plugin will request:
- http://test/~test/
- http://test/test/
- http://test/~f00b4r/
- http://test/f00b4r/
If the response is not a 404 error, then we have found a new URL. And confirmed the existance of a user in the remote system. This plugin will also identify the remote operating system and installed applications based on the user names that are available.
Plugin type
Options
Name | Type | Default Value | Description | Help |
identify_os | boolean | True | Try to identify the remote operating system based on the remote users | No detailed help available |
identify_apps | boolean | True | Try to identify applications installed remotely using the available users | No detailed help available |
Source
For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code
Dependencies
This plugin depends on infrastructure.finger_bing, infrastructure.finger_google, infrastructure.finger_pks.