From 8ee9b2bc313645b45567c73c1833b5b9fbfa8c5a Mon Sep 17 00:00:00 2001
From: erwanlr <erwan.lr@gmail.com>
Date: Tue, 6 Aug 2019 13:01:22 +0100
Subject: [PATCH] Fixes #1378

---
 app/finders/passwords/wp_login.rb           |  2 +-
 spec/app/finders/passwords/wp_login_spec.rb | 61 +++++++++++++++++++++
 2 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 spec/app/finders/passwords/wp_login_spec.rb

diff --git a/app/finders/passwords/wp_login.rb b/app/finders/passwords/wp_login.rb
index 39ea86fa..c037f8f2 100644
--- a/app/finders/passwords/wp_login.rb
+++ b/app/finders/passwords/wp_login.rb
@@ -13,7 +13,7 @@ module WPScan
 
         def valid_credentials?(response)
           response.code == 302 &&
-            response.headers['Set-Cookie']&.any? { |cookie| cookie =~ /wordpress_logged_in_/i }
+            [*response.headers['Set-Cookie']]&.any? { |cookie| cookie =~ /wordpress_logged_in_/i }
         end
 
         def errored_response?(response)
diff --git a/spec/app/finders/passwords/wp_login_spec.rb b/spec/app/finders/passwords/wp_login_spec.rb
new file mode 100644
index 00000000..9f460f71
--- /dev/null
+++ b/spec/app/finders/passwords/wp_login_spec.rb
@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+describe WPScan::Finders::Passwords::WpLogin do
+  subject(:finder) { described_class.new(target) }
+  let(:target)     { WPScan::Target.new(url) }
+  let(:url)        { 'http://ex.lo/' }
+
+  describe '#valid_credentials?' do
+    context 'when a non 302' do
+      it 'returns false' do
+        expect(finder.valid_credentials?(Typhoeus::Response.new(code: 200, headers: {}))).to be_falsey
+      end
+    end
+
+    context 'when a 302' do
+      let(:response) { Typhoeus::Response.new(code: 302, headers: headers) }
+
+      context 'when no cookies set' do
+        let(:headers) { {} }
+
+        it 'returns false' do
+          expect(finder.valid_credentials?(response)).to be_falsey
+        end
+      end
+
+      context 'when no logged_in cookie set' do
+        context 'when only one cookie set' do
+          let(:headers) { 'Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/' }
+
+          it 'returns false' do
+            expect(finder.valid_credentials?(response)).to be_falsey
+          end
+        end
+
+        context 'when multiple cookies set' do
+          let(:headers) do
+            "Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/\r\n" \
+            'Set-Cookie: something=value; path=/'
+          end
+
+          it 'returns false' do
+            expect(finder.valid_credentials?(response)).to be_falsey
+          end
+        end
+      end
+
+      context 'when logged_in cookie set' do
+        let(:headers) do
+          "Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/\r\r" \
+          "Set-Cookie: wordpress_xxx=yyy; path=/wp-content/plugins; httponly\r\n" \
+          "Set-Cookie: wordpress_xxx=yyy; path=/wp-admin; httponly\r\n" \
+          'Set-Cookie: wordpress_logged_in_xxx=yyy; path=/; httponly'
+        end
+
+        it 'returns false' do
+          expect(finder.valid_credentials?(response)).to eql true
+        end
+      end
+    end
+  end
+end