Apache Users
Apache-users enumerates usernames on systems running Apache with the UserDir module enabled. It uses a dictionary of usernames to probe for valid users via HTTP requests.
Description
Apache-users is a Perl script designed to identify valid usernames on target systems that have Apache's UserDir module active. This module allows directory listings based on usernames, such as http://target/~username/, which can leak information about system users when probed systematically.
Use cases include reconnaissance during penetration testing to map user accounts on web servers. It is particularly effective against misconfigured Apache servers where UserDir is enabled, a common default or oversight in some deployments. The tool supports multithreading for faster enumeration against large username lists.
Contextually, it fits into information gathering phases, helping attackers or testers build a profile of the target before attempting brute-force logins or social engineering.
How It Works
The tool sends HTTP requests to paths like http://target/~username/ using a provided dictionary of usernames. It analyzes the HTTP response codes; a specified code (default 403) indicates a valid username, while others suggest non-existence. Supports SSL/TLS, custom ports, and parallel threading via Perl's Parallel::ForkManager. Leverages LWP for HTTP handling and Socket::IP for connectivity.
Installation
sudo apt install apache-usersFlags
Examples
apache-users -h 192.168.1.202 -l /usr/share/wordlists/metasploit/unix_users.txt -p 80 -s 0 -e 403 -t 10apache-users -h 192.168.1.202 -l /usr/share/wordlists/metasploit/unix_users.txtapache-users -h example.com -l users.txt -p 443 -s 1 -t 5apache-users -h 10.0.0.5 -l /usr/share/wordlists/rockyou.txt -e 404 -t 20apache-users -h target.local -l custom_users.txt -p 8080 -s 0apache-users -h 192.168.1.1 -l /usr/share/wordlists/metasploit/unix_users.txt -t 1