exploitdb
WORKING POC
VERIFIED
by Stefan Horst · phpwebappsphp
https://www.exploit-db.com/exploits/35150
This exploit leverages a pre-authentication SQL injection vulnerability in Drupal to inject a malicious serialized session payload, leading to remote code execution via session deserialization. The payload is delivered through a crafted cookie, bypassing authentication.
Classification
Working Poc 95%
Target:
Drupal < 7.32
No auth needed
Prerequisites:
HTTPS URL of the target Drupal site · PHP environment to execute the script
exploitdb
WORKING POC
VERIFIED
by Dustin Dörr · phpwebappsphp
https://www.exploit-db.com/exploits/34993
This exploit leverages a SQL injection vulnerability in Drupal 7.x prior to 7.32 by crafting a malicious POST request to modify the admin user's password. The payload updates the admin password to a known hash, allowing authentication bypass.
Classification
Working Poc 100%
Target:
Drupal core 7.x versions prior to 7.32
No auth needed
Prerequisites:
Target must be running vulnerable Drupal version · Access to the target URL
exploitdb
WORKING POC
VERIFIED
by Claudio Viviani · pythonwebappsphp
https://www.exploit-db.com/exploits/34992
This exploit targets CVE-2014-3704, a SQL injection vulnerability in Drupal 7.x. It leverages the vulnerability to execute arbitrary SQL queries, potentially leading to authentication bypass or remote code execution.
Classification
Working Poc 95%
Target:
Drupal 7.x
No auth needed
Prerequisites:
Target must be running a vulnerable version of Drupal 7.x
exploitdb
WORKING POC
VERIFIED
by stopstene · pythonwebappsphp
https://www.exploit-db.com/exploits/34984
This exploit leverages a SQL injection vulnerability in Drupal 7.x to reset the admin password by manipulating the 'name' parameter in a POST request. It uses the DrupalHash library to generate a valid password hash for the target user.
Classification
Working Poc 95%
Target:
Drupal 7.x
No auth needed
Prerequisites:
Target Drupal site URL · Desired username and password for the admin account
exploitdb
WORKING POC
by Stefan Horst · phpwebappsphp
https://www.exploit-db.com/exploits/44355
This exploit leverages a pre-authentication SQL injection vulnerability in Drupal by crafting a malicious session cookie. It injects a UNION SELECT statement to create a session for a specified user ID, bypassing authentication.
Classification
Working Poc 95%
Target:
Drupal (versions prior to 7.32)
No auth needed
Prerequisites:
HTTPS URL of the target Drupal site · User ID to impersonate (default is 1 for admin)
nomisec
WORKING POC
1 stars
by Neldeborg · remote
https://github.com/Neldeborg/Drupalgeddon-Python3
This is a Python3 rewrite of the original Drupalgeddon (CVE-2014-3704) exploit, which targets a pre-authentication SQL injection vulnerability in Drupal 7.x (7.0 to 7.31). The exploit creates a new administrator user by injecting malicious SQL into the 'name' parameter during login.
Classification
Working Poc 95%
Target:
Drupal 7.0 to 7.31
No auth needed
Prerequisites:
Target must be running vulnerable Drupal version (7.0-7.31) · Network access to the target
nomisec
WORKING POC
1 stars
by happynote3966 · remote-auth
https://github.com/happynote3966/CVE-2014-3704
This is a Python-based exploit for CVE-2014-3704, a SQL injection vulnerability in Drupal 7.x. It automates the exploitation process by crafting malicious requests to extract user credentials and gain unauthorized access.
Classification
Working Poc 95%
Target:
Drupal 7.x
No auth needed
Prerequisites:
Target URL with vulnerable Drupal installation · Network access to the target
nomisec
WORKING POC
by fbm31 · poc
https://github.com/fbm31/Audit-BlackBox-Web-to-Root
This repository contains a functional Python exploit for CVE-2014-3704 (Drupalgeddon), which performs SQL injection to create an admin user in Drupal 7.x. It includes a detailed writeup of a black-box audit leading to root access via additional misconfigurations.
Classification
Working Poc 95%
Target:
Drupal 7.x
No auth needed
Prerequisites:
Drupal 7.x installation with vulnerable API · Network access to target web server
nomisec
WORKING POC
by joaomorenorf · remote
https://github.com/joaomorenorf/CVE-2014-3704
This is a Python-based exploit for CVE-2014-3704, a SQL injection vulnerability in Drupal 7.x. It includes functionality to generate random user agents and perform password hashing for Drupal 7, likely to facilitate authentication bypass or privilege escalation.
Classification
Working Poc 95%
Target:
Drupal 7.x
No auth needed
Prerequisites:
Target Drupal 7.x installation · Network access to the target
nomisec
WORKING POC
by AleDiBen · poc
https://github.com/AleDiBen/Drupalgeddon
This PoC exploits CVE-2014-3704 (Drupalgeddon) by injecting malicious cache entries into Drupal's form cache, leading to remote code execution via PHP deserialization and eval. It includes a reverse shell payload targeting a specified IP and port.
Classification
Working Poc 95%
Target:
Drupal 7.x
No auth needed
Prerequisites:
Target running vulnerable Drupal 7.x · Network access to the target
metasploit
WORKING POC
EXCELLENT
by SektionEins, WhiteWinterWolf, Christian Mehlmauer, Brandon Perry · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/drupal_drupageddon.rb
This Metasploit module exploits CVE-2014-3704 (Drupageddon), a SQL injection vulnerability in Drupal 7.0-7.31, to achieve remote code execution via two methods: form-cache PHP injection and user-post PHP injection.
Classification
Working Poc 100%
Target:
Drupal 7.0 - 7.31
No auth needed
Prerequisites:
Drupal installation with vulnerable version (7.0-7.31) · Access to the Drupal login page