Some small refactoring and fix for issue #66

2012-11-30 22:00:23 +01:00
parent c34145220d
commit fd591a0675
2 changed files with 7 additions and 9 deletions
--- a/lib/wpscan/modules/brute_force.rb
+++ b/lib/wpscan/modules/brute_force.rb
@@ -41,7 +41,7 @@ module BruteForce
        queue_count   += 1

        # create local vars for on_complete call back, Issue 51.
-        username = login.name
+        username = login.name != 'empty' ? login.name : login.nickname # Issue #66 
        password = password

        # the request object
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -376,19 +376,17 @@ begin
      puts "The plugin #{protection_plugin.name} has been detected. It might record the IP and timestamp of every failed login. Not a good idea for brute forcing !"
      puts "[?] Do you want to start the brute force anyway ? [y/n]"

-      if Readline.readline !~ /^y/i
-        bruteforce = false
-      end
+      bruteforce = false if Readline.readline !~ /^y/i
    end

-    if bruteforce === false
-      puts
-      puts "Brute forcing aborted"
-    else
+    if bruteforce
      puts
      puts green("[+]") + " Starting the password brute forcer"
      puts
      wp_target.brute_force(usernames, wpscan_options.wordlist)  
+    else
+      puts
+      puts "Brute forcing aborted"
    end
  end