diff --git a/lib/wpscan/wp_target.rb b/lib/wpscan/wp_target.rb
index 1fbcd362..406f7213 100644
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -97,7 +97,8 @@ class WpTarget
if index_body[/\/wp-content\/(?:themes|plugins)\//i]
@wp_content_dir = "wp-content"
else
- @wp_content_dir = index_body[/(?:href|src)\s*=\s*(?:"|').+#{Regexp.escape(uri_path)}([^"']+)\/(?:themes|plugins)\/.*(?:"|')/i, 1]
+ domains_excluded = "(?:www\.)?(facebook|twitter)\.com"
+ @wp_content_dir = index_body[/(?:href|src)\s*=\s*(?:"|').+#{Regexp.escape(uri_path)}((?!#{domains_excluded})[^"']+)\/(?:themes|plugins)\/.*(?:"|')/i, 1]
end
end
@wp_content_dir
diff --git a/spec/fixtures/wpscan/wp_target/wp_content_dir/facebook-detection.htm b/spec/fixtures/wpscan/wp_target/wp_content_dir/facebook-detection.htm
new file mode 100755
index 00000000..968d3c4b
--- /dev/null
+++ b/spec/fixtures/wpscan/wp_target/wp_content_dir/facebook-detection.htm
@@ -0,0 +1,11 @@
+
+
+
+
+
+
+
+
+
+
+
diff --git a/spec/lib/wpscan/wp_target_spec.rb b/spec/lib/wpscan/wp_target_spec.rb
index d8bfb10d..0792e92a 100644
--- a/spec/lib/wpscan/wp_target_spec.rb
+++ b/spec/lib/wpscan/wp_target_spec.rb
@@ -107,6 +107,7 @@ describe WpTarget do
@expected = "hello-world"
end
+
it "should return 'wp-content'" do
@target_url = "http://lamp/wordpress-3.4.1"
@fixture = fixtures_dir + "/wordpress-3.4.1.htm"
@@ -155,6 +156,11 @@ describe WpTarget do
@expected = "wp-content"
end
+ it "should not detect facebook.com as a custom wp-content directory" do
+ @target_url = "http://lamp.localhost/"
+ @fixture = fixtures_dir + "/facebook-detection.htm"
+ @expected = nil
+ end
end
describe "#wp_plugins_dir" do