From bc4f0c002bedeae600f29f0a71dec8b29f20a8e8 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer <firefart@gmail.com>
Date: Wed, 19 Nov 2014 10:50:04 +0100
Subject: [PATCH] added check for valid credentials

---
 wpscan.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/wpscan.rb b/wpscan.rb
index 9bdc00ac..ca9ecfea 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -95,6 +95,12 @@ def main
       raise 'Basic authentication is required, please provide it with --basic-auth <login:password>'
     end
 
+    # test for valid credentials
+    unless wpscan_options.basic_auth.nil?
+      res = Browser.get_and_follow_location(wp_target.url)
+      raise 'Invalid credentials supplied' if res && res.code == 401
+    end
+
     # Remote website is wordpress?
     unless wpscan_options.force
       unless wp_target.wordpress?