From fd591a0675f3666f4bacb8ecab2a519effe2f3c0 Mon Sep 17 00:00:00 2001
From: ethicalhack3r
Date: Fri, 30 Nov 2012 22:00:23 +0100
Subject: [PATCH] Some small refactoring and fix for issue #66
---
 lib/wpscan/modules/brute_force.rb | 2 +-
 wpscan.rb | 14 ++++++--------
 2 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/lib/wpscan/modules/brute_force.rb b/lib/wpscan/modules/brute_force.rb
index 3ca50066..4a50a829 100644
--- a/lib/wpscan/modules/brute_force.rb
+++ b/lib/wpscan/modules/brute_force.rb
@@ -41,7 +41,7 @@ module BruteForce
 queue_count += 1
 # create local vars for on_complete call back, Issue 51.
- username = login.name
+ username = login.name != 'empty' ? login.name : login.nickname # Issue #66
 password = password
 # the request object
diff --git a/wpscan.rb b/wpscan.rb
index 40171eb9..fddd08ab 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -376,19 +376,17 @@ begin
 puts "The plugin #{protection_plugin.name} has been detected. It might record the IP and timestamp of every failed login. Not a good idea for brute forcing !"
 puts "[?] Do you want to start the brute force anyway ? [y/n]"
- if Readline.readline !~ /^y/i
- bruteforce = false
- end
+ bruteforce = false if Readline.readline !~ /^y/i
 end
- if bruteforce === false
- puts
- puts "Brute forcing aborted"
- else
+ if bruteforce
 puts
 puts green("[+]") + " Starting the password brute forcer"
 puts
- wp_target.brute_force(usernames, wpscan_options.wordlist)
+ wp_target.brute_force(usernames, wpscan_options.wordlist)
+ else
+ puts
+ puts "Brute forcing aborted"
 end
 end
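Review bot: The added `username = ...` line in brute_force.rb compares against the magic string `'empty'` and then uses `login.nickname` without checking it, so a nil or equally `'empty'` nickname would apparently be captured as the username for the on_complete callback. Where that sentinel is assigned is outside this hunk, so this is inferred. A guard that skips the entry when neither field holds a real value, or a predicate on the login object instead of the string literal, would keep placeholder values out of the request and the reported result. The trailing `# Issue #66` would say more as `# fall back to the nickname when no login name was found (Issue #66)`. The enclosing block starts and ends outside the hunk.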
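Review bot: In wpscan.rb, `if bruteforce` is not an exact replacement for the old `bruteforce === false` test, because a nil `bruteforce` used to fall into the start branch and now aborts. Failing closed is the safer behaviour for a confirmation gate in front of login attempts, but `bruteforce` is assigned outside the hunk, so it is worth confirming it is always set to true or false. A comment such as `# anything other than an explicit yes (including EOF) aborts` would record the intent. In the prompt check, `/^y/i` anchors per line, whereas `bruteforce = false unless Readline.readline =~ /\Ay/i` anchors to the start of the input. The `begin` block continues outside the hunk.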