Fix #96 Username detection from header location when a trailing slash is present

2013-01-01 15:30:01 +01:00
parent 9b14a8d038
commit a4ace91e68
2 changed files with 9 additions and 7 deletions
--- a/lib/wpscan/modules/wp_usernames.rb
+++ b/lib/wpscan/modules/wp_usernames.rb
@@ -37,7 +37,7 @@ module WpUsernames
      username = nil
      nickname = nil
      if response.code == 301 # username in location?
-        username = response.headers_hash['location'][%r{/author/([^/]+)/}i, 1]
+        username = response.headers_hash['location'][%r{/author/([^/\b]+)/?}i, 1]
        # Get the real name from the redirect site
        nickname = get_nickname_from_url(url)
      elsif response.code == 200 # username in body?
--- a/spec/lib/wpscan/modules/wp_usernames_spec.rb
+++ b/spec/lib/wpscan/modules/wp_usernames_spec.rb
@@ -45,7 +45,7 @@ shared_examples_for "WpUsernames" do

    it "should return an array with 1 username (from header location)" do
      stub_request(:get, @module.author_url(3)).
-          to_return(:status => 301, :headers => {'location' => '/author/Youhou/'})
+        to_return(:status => 301, :headers => {'location' => '/author/Youhou'})

      usernames = @module.usernames
      usernames.should_not be_empty
@@ -73,8 +73,10 @@ shared_examples_for "WpUsernames" do

      usernames = @module.usernames(:range => (1..5))
      usernames.should_not be_empty
-      expected = [WpUser.new("admin", 2, "admin | Wordpress 3.3.2"),
-                  WpUser.new("Youhou", 4, "empty")]
+      expected = [
+        WpUser.new("admin", 2, "admin | Wordpress 3.3.2"),
+        WpUser.new("Youhou", 4, "empty")
+      ]

      usernames.sort_by { |u| u.name }.eql?(expected.sort_by { |u| u.name }).should be_true
    end