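# File lib/wpscan/modules/wp_usernames.rb, line 78
# Pulls the text of the first <title> element out of an HTML document.
#
# The pattern must be a regexp literal (%r{...}). The listing showed %{...},
# which is a plain string literal, and String#[] called with a String plus a
# capture index raises TypeError instead of matching.
#
# The returned text is copied verbatim from the remote page, so callers
# should treat it as untrusted and escape it before writing it to a
# terminal, log or report.
#
# @param body [String, nil] HTML response body
# @return [String, nil] contents of the <title> element, or nil when the
#   body is nil or holds no <title> element
def extract_real_name_from_body(body)
  return nil if body.nil?

  body[%r{<title>([^<]*)</title>}, 1]
end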
# File lib/wpscan/modules/wp_usernames.rb, line 70
# Reads the display name from a response that has already been fetched.
#
# Only a 200 response is inspected; any other status yields nil.
#
# @param resp [#code, #body] HTTP response object
# @return [String, nil] what extract_real_name_from_body finds in the body,
#   or nil when the status is not 200
def get_real_name_from_response(resp)
  return nil unless resp.code == 200

  extract_real_name_from_body(resp.body)
end
# File lib/wpscan/modules/wp_usernames.rb, line 61
# Requests +url+ and reads the display name from the page it ends up on.
#
# Redirects are followed, capped at two hops (:max_redirects => 2), so a
# redirect loop on the remote side cannot keep the request going.
#
# @param url [String] URL to request
# @return [String, nil] what extract_real_name_from_body finds in the final
#   body, or nil when the final status is not 200
def get_real_name_from_url(url)
  request_options = { :follow_location => true, :max_redirects => 2 }
  page = Browser.instance.get(url, request_options)

  page.code == 200 ? extract_real_name_from_body(page.body) : nil
end
Enumerates WordPress usernames using Veronica Valeros’s technique: seclists.org/fulldisclosure/2011/May/493
Available options:
:range - author IDs to request (default: 1..10)
Returns an array of hashes (:id, :name, :real_name), one per author found (can be empty)
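# File lib/wpscan/modules/wp_usernames.rb, line 28
# Requests the author URL for every ID in a range and records which login
# name and display name the site gives away in its answer.
#
# Two sources are read: the Location header of a 301 redirect
# (/author/<name>/) and the "posts by <name> feed" text in a 200 body.
# Both values come from the remote site and are returned as received, so
# callers should treat them as untrusted when printing or storing them.
#
# Both patterns must be regexp literals (%r{...}); the listing showed
# %{...}, a string literal, which makes String#[] raise TypeError.
#
# @param options [Hash] :range - author IDs to request (default: 1..10)
# @return [Array<Hash>] one { :id, :name, :real_name } hash per author
#   found; a missing name or real name is reported as the string "empty".
#   The array can be empty.
def usernames(options = {})
  range   = options[:range] || (1..10)
  browser = Browser.instance
  found   = []

  range.each do |author_id|
    url      = author_url(author_id)
    response = browser.get(url)

    username  = nil
    real_name = nil

    if response.code == 301
      # Username in the redirect target? A 301 without a Location header
      # gives no username instead of raising NoMethodError on nil.
      location = response.headers_hash['location']
      username = location[%r{/author/([^/]+)/}, 1] if location
      # The display name is taken from the page the redirect leads to.
      real_name = get_real_name_from_url(url)
    elsif response.code == 200
      # Username in the body?
      username  = response.body[%r{posts by (.*) feed}, 1]
      real_name = get_real_name_from_response(response)
    end

    next if username.nil? && real_name.nil?

    found << {
      :id        => author_id,
      :name      => username || "empty",
      :real_name => real_name || "empty"
    }
  end

  # Every entry is a non-nil hash, so only duplicate removal is needed.
  found.uniq
end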