关联漏洞
标题:Drupal core SQL注入漏洞 (CVE-2014-3704)Description:Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal core 7.3之前7.x版本中的database abstraction API中‘expandArguments’函数存在安全漏洞,该漏洞源于程序没有正确构造预处理语句。远程攻击者可借助带有特制键的数组利用该漏洞实施SQL注入攻击。
Description
An rewritten POC on the CVE-2014-3704
介绍
# Drupalgeddon Python3 Edition
An rewritten POC on the CVE-2014-3704, done as part of my CPTS training on HackTheBox.
https://nvd.nist.gov/vuln/detail/CVE-2014-3704
CVE-2014-3704 known as Drupalgeddon, affects versions 7.0 up to 7.31 and was fixed in version 7.32. This was a pre-authenticated SQL injection flaw that could be used to upload a malicious form or create a new admin user.
Only minor changes has been done here, making the script compatible with Python3 and changing some of the formatting of print statements.
######################################################################################
Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005
Inspired by yukyuk's P.o.C (https://www.reddit.com/user/fyukyuk)
Tested on Drupal 7.31 with BackBox 3.x
This material is intended for educational
purposes only and the author can not be held liable for
any kind of damages done whatsoever to your machine,
or damages caused by some other,creative application of this material.
In any case you disagree with the above statement,stop here.
######################################################################################
文件快照
[4.0K] /data/pocs/8d7ee76415206d5455bc2dfc51b1c0b926145485
├── [5.6K] drupalgeddon.py
└── [1.2K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。