user is now a class

lib/wpscan/modules/brute_force.rb

@@ -40,7 +40,7 @@ module BruteForce
         queue_count   += 1
 
         # create local vars for on_complete call back, Issue 51.
-        username = login
+        username = login.name
         password = password
 
         # the request object

lib/wpscan/modules/wp_usernames.rb

@@ -24,7 +24,7 @@ module WpUsernames
   # Available options :
   #  :range - default : 1..10
   #
-  # returns an array of usernames (can be empty)
+  # returns an array of WpUser (can be empty)
   def usernames(options = {})
     range       = options[:range] || (1..10)
     browser     = Browser.instance
@@ -46,9 +46,7 @@ module WpUsernames
       end
 
       unless username == nil and nickname == nil
-        usernames << { :id => author_id,
+        usernames << WpUser.new(username, author_id, nickname)
-                       :name => username ? username : "empty",
-                       :nickname => nickname ? nickname : "empty"}
       end
     end
     usernames = remove_junk_from_nickname(usernames)
@@ -83,14 +81,14 @@ module WpUsernames
   def remove_junk_from_nickname(usernames)
     nicknames = []
     usernames.each do |u|
-      nickname = u[:nickname]
+      nickname = u.nickname
       unless nickname == "empty"
         nicknames << nickname
       end
     end
     junk = get_equal_string_end(nicknames)
     usernames.each do |u|
-      u[:nickname] = u[:nickname].sub(/#{Regexp.escape(junk)}$/, "")
+      u.nickname = u.nickname.sub(/#{Regexp.escape(junk)}$/, "")
     end
     usernames
   end

lib/wpscan/wp_user.rb

@@ -0,0 +1,39 @@
+#--
+# WPScan - WordPress Security Scanner
+# Copyright (C) 2012
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#++
+
+class WpUser
+  attr_accessor :name, :id, :nickname
+
+  def initialize(name, id, nickname)
+    @name = name ? name : "empty"
+    @id = id ? id : "empty"
+    @nickname = nickname ? nickname : "empty"
+  end
+
+  def <=>(item)
+    item.name <=> @name and item.id <=> @id and item.nickname <=> @nickname
+  end
+
+  def ===(item)
+    item.name === @name and item.id === @id and item.nickname === @nickname
+  end
+
+  def eql?(item)
+    item.name === @name and item.id === @id and item.nickname === @nickname
+  end
+end

spec/lib/wpscan/modules/wp_usernames_spec.rb

@@ -50,9 +50,9 @@ shared_examples_for "WpUsernames" do
       usernames = @module.usernames
       usernames.should_not be_empty
       usernames.length.should == 1
-      usernames[0][:id].should == 3
+      usernames[0].id.should == 3
-      usernames[0][:name].should == "Youhou"
+      usernames[0].name.should == "Youhou"
-      usernames[0][:nickname].should == "empty"
+      usernames[0].nickname.should == "empty"
     end
 
     it "should return an array with 1 username (from in the body response)" do
@@ -61,7 +61,7 @@ shared_examples_for "WpUsernames" do
 
       usernames = @module.usernames(:range => (1..2))
       usernames.should_not be_empty
-      usernames.should === [{ :id => 2, :name => "admin", :nickname => "admin | Wordpress 3.3.2"}]
+      usernames.eql?([WpUser.new("admin", 2, "admin | Wordpress 3.3.2")]).should be_true
     end
 
     it "should return an array with 2 usernames (one is a duplicate and should not be present twice)" do
@@ -73,9 +73,10 @@ shared_examples_for "WpUsernames" do
 
       usernames = @module.usernames(:range => (1..5))
       usernames.should_not be_empty
-      expected = [{:id => 2, :name =>"admin", :nickname => "admin | Wordpress 3.3.2"},
+      expected = [WpUser.new("admin", 2, "admin | Wordpress 3.3.2"),
-                  {:id => 4, :name => "Youhou", :nickname => "empty"}]
+                  WpUser.new("Youhou", 4, "empty")]
-      usernames.sort_by { |u| u[:name]}.should === expected.sort_by { |u| u[:name]}
+
+      usernames.sort_by {|u| u.name}.eql?(expected.sort_by {|u| u.name}).should be_true
     end
   end
 

wpscan.rb

@@ -323,15 +323,15 @@ begin
       puts "We found the following #{usernames.length.to_s} username/s :"
       puts
 
-      max_id_length = usernames.sort{|a,b| a[:id] <=> b[:id]}.last[:id].to_s.length
+      max_id_length = usernames.sort{|a,b| a.id <=> b.id}.last.id.to_s.length
-      max_name_length = usernames.sort{|a,b| a[:name] <=> b[:name]}.last[:name].length
+      max_name_length = usernames.sort{|a,b| a.name <=> b.name}.last.name.length
-      max_nickname_length = usernames.sort{|a,b| a[:nickname] <=> b[:nickname]}.last[:nickname].length
+      max_nickname_length = usernames.sort{|a,b| a.nickname <=> b.nickname}.last.nickname.length
 
       space = 1
       usernames.each do |u|
-        id_string = "id: #{u[:id].to_s.ljust(max_id_length + space)}"
+        id_string = "id: #{u.id.to_s.ljust(max_id_length + space)}"
-        name_string = "name: #{u[:name].ljust(max_name_length + space)}"
+        name_string = "name: #{u.name.ljust(max_name_length + space)}"
-        nickname_string = "nickname: #{u[:nickname].ljust(max_nickname_length + space)}"
+        nickname_string = "nickname: #{u.nickname.ljust(max_nickname_length + space)}"
         puts " | #{id_string}| #{name_string}| #{nickname_string}"
       end
     end