Drupal Drupalgeddon 2 Forms API Property Injection
Title source: metasploit
Exploitation Summary
CVE-2018-7600 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns.
EIP tracks 66 public exploits from researchers including José Ignacio Rojo, Vitalii Rudnykh, Hans Topo & g0tmi1k, among them a Metasploit module, exploits/unix/webapp/drupal_drupalgeddon2.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This Metasploit module exploits CVE-2018-7600 (Drupalgeddon2) to achieve remote code execution on vulnerable Drupal installations by leveraging form API manipulation and PHP payload execution.
Description
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Exploits (66)
This Metasploit module exploits CVE-2018-7600 (Drupalgeddon2) to achieve remote code execution on vulnerable Drupal installations by leveraging form API manipulation and PHP payload execution.
This exploit targets a Drupal RESTWS module vulnerability (CVE-2018-7600) to achieve remote code execution (RCE) by injecting malicious payloads via AJAX form manipulation. It writes a file ('hello.txt') to verify successful exploitation.
This Ruby script exploits CVE-2018-7600 (Drupalgeddon2), a remote code execution vulnerability in Drupal. It leverages form API manipulation to inject malicious payloads via #post_render or #lazy_builder callbacks, achieving RCE on vulnerable Drupal installations.
This repository provides a curated list of references and external PoCs for CVE-2018-7600, a critical RCE vulnerability in Drupal. It includes links to technical analyses, exploit code, and advisory details but does not contain direct exploit code itself.
This repository contains a functional exploit for CVE-2018-7600, targeting Drupal versions 7.x and 8.x with remote code execution via the 'Drupalgeddon2' vulnerability. It supports both direct command execution and writing a PHP shell to the web root or subdirectories.
This PoC exploits CVE-2018-7600 in Drupal by leveraging a vulnerability in form API handling to achieve remote code execution (RCE). It sends a crafted POST request to execute arbitrary commands via the 'mail[#post_render][]' parameter.
This repository contains two Python scripts that exploit CVE-2018-7600 and CVE-2018-7602 in Drupal 7, allowing remote code execution by poisoning forms and triggering them via AJAX. The exploits are functional and demonstrate command execution on vulnerable systems.
This repository contains multiple proof-of-concept exploits for CVE-2018-7600, a remote code execution vulnerability in Drupal 7 and 8. The exploits leverage Drupal's form API to execute arbitrary commands via crafted POST requests.
This is a functional exploit for CVE-2018-7600, targeting Drupal 7.x unauthenticated RCE via form API manipulation. The PoC uses a two-step request process to trigger command execution via the 'passthru' function.
This repository provides a curated list of references and external PoCs for CVE-2018-7600, a critical RCE vulnerability in Drupal. It includes links to technical analyses, exploit code, and advisory details but does not contain functional exploit code itself.
This is a functional exploit for CVE-2018-7600, targeting Drupal's remote code execution vulnerability via form API manipulation. It sends crafted POST requests to execute arbitrary OS commands on vulnerable Drupal installations.
This repository contains a Python script that exploits CVE-2018-7600, a remote code execution vulnerability in Drupal 7.x and 8.x. The script sends a malicious POST request to a target Drupal site to execute arbitrary commands and verify vulnerability by checking for a created file.
This repository contains a working exploit PoC for CVE-2018-7600, a remote code execution vulnerability in Drupal 7. The exploit leverages form API manipulation to execute arbitrary commands via the `passthru` function.
This is a Python-based exploit for CVE-2018-7600 (Drupalgeddon 2), which targets a remote code execution vulnerability in Drupal. The script sends a crafted POST request to execute arbitrary commands on vulnerable Drupal installations and retrieves output via a temporary file.
This repository contains a functional exploit for CVE-2018-7600, a Drupal remote code execution vulnerability. The exploit leverages the Drupal AJAX system to execute arbitrary commands by manipulating form inputs, specifically targeting the 'mail' field to inject and execute bash commands.
This is a Perl script exploiting CVE-2018-7600, a remote code execution vulnerability in Drupal. It leverages the Drupal AJAX form API to inject malicious markup, leading to arbitrary command execution.
This is a Metasploit module for CVE-2018-7600 (Drupalgeddon 2), which exploits a remote code execution vulnerability in Drupal versions before 7.58, 8.3.9, 8.4.6, and 8.5.1. The exploit leverages the user registration form to execute arbitrary PHP code via a crafted multipart form submission.
This PoC exploits CVE-2018-7600 in Drupal 8 via REST API endpoints to achieve remote code execution (RCE). It sends crafted payloads to '/node/1' and '/user/register' endpoints to trigger deserialization vulnerabilities.
This is a Python-based mass exploiter for CVE-2018-7600, targeting Drupal 7 and 8 remote code execution vulnerabilities. It uses asynchronous HTTP requests to test and exploit multiple targets concurrently.
This is a functional exploit for CVE-2018-7600 (Drupalgeddon 2), which allows remote code execution on vulnerable Drupal installations via a crafted POST request to the user registration endpoint. The script includes both a test mode to verify vulnerability and an exploitation mode to execute arbitrary commands.
This is a functional exploit for CVE-2018-7600 (Drupalgeddon 2), targeting a remote code execution vulnerability in Drupal. It leverages the vulnerability to execute arbitrary commands via a crafted POST request to the user registration endpoint.
This PoC exploits CVE-2018-7600, a Drupal remote code execution vulnerability via AJAX form manipulation. It sends a crafted payload to execute arbitrary commands (e.g., writing a file) without authentication.
This repository contains a Python-based mass vulnerability scanner for CVE-2018-7600 (Drupalgeddon 2), which checks multiple URLs for the presence of the vulnerability by sending a crafted POST request to exploit the Drupal REST API endpoint. It does not execute a full exploit but confirms vulnerability by checking the response status code.
This repository contains functional exploit code for CVE-2018-7600 (Drupalgeddon2), demonstrating remote code execution (RCE) in vulnerable Drupal versions. The exploit targets Drupal 7.x and 8.x via form API manipulation and the #post_render parameter, supporting both direct command execution and PHP shell deployment.
This repository contains a bash script designed to scan Apache logs for indicators of compromise (IOCs) related to CVE-2018-7600 (Drupalgeddon2). It searches for specific patterns associated with exploitation attempts and known malicious IPs.
This Python3 script exploits CVE-2018-7600 (Drupalgeddon2), a critical RCE vulnerability in Drupal 7.x and 8.x. It sends a crafted POST request to the `/user/register` endpoint to execute arbitrary commands, including a reverse shell payload.
This Perl script exploits CVE-2018-7600, a Drupal remote code execution vulnerability, by sending crafted POST requests to vulnerable endpoints. It includes multiple payload variations to trigger command execution via Drupal's form API.
This is a functional exploit for CVE-2018-7600, targeting Drupal 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1. It leverages a remote code execution vulnerability via crafted form input to execute arbitrary commands on the target system.
This repository contains a mass exploiter for CVE-2018-7600 and CVE-2018-7602, targeting Drupal 7 and 8. It automates the exploitation process by sending crafted HTTP requests to execute arbitrary commands on vulnerable systems.
This exploit targets CVE-2018-7600, a remote code execution vulnerability in Drupal 7 and 8. It leverages form API manipulation to inject and execute arbitrary commands via the password recovery and file upload mechanisms.
This is a functional exploit PoC for CVE-2018-7600 (Drupalgeddon 2), targeting Drupal 7.x and 8.x. It checks for vulnerability by executing a benign command ('echo GOOD') via remote code execution (RCE) through crafted HTTP requests.
This repository contains a functional Python exploit for CVE-2018-7600 (Drupalgeddon2), which achieves unauthenticated remote code execution on Drupal versions < 7.58 and < 8.5.1. The exploit automates the deployment of a PHP web shell and provides both single-command execution and an interactive shell mode.
This repository provides a detailed technical analysis of CVE-2018-7600 (Drupalgeddon2), including system analysis, exploitation steps, and remediation recommendations. It demonstrates the vulnerability in Drupal 8.5.0, showing how the Form API and Render Array engine can be exploited for Remote Code Execution (RCE).
The repository contains multiple functional exploit scripts for CVE-2018-7600 (Drupalgeddon2), targeting both Drupal 7 and 8. The exploits leverage form API manipulation to achieve remote code execution (RCE) via crafted payloads in the user registration or password recovery forms.
This repository contains a functional Ruby-based exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal. The exploit leverages a deserialization flaw in Drupal's form API to upload a malicious PHP shell and execute arbitrary commands.
This is a detailed technical writeup for exploiting CVE-2018-7600 (Drupalgeddon2) on a VulnHub DC-1 machine, covering reconnaissance, exploitation via Metasploit, privilege escalation, and flag retrieval. It includes step-by-step commands, technical explanations, and references.
This repository provides a functional exploit PoC for CVE-2018-7600 (Drupalgeddon2) targeting Drupal 7.56, including a Docker-based lab environment for testing. The exploit leverages a vulnerability in Drupal's Form API to achieve unauthenticated remote code execution.
The repository contains a functional exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal. The exploit leverages improper input sanitization in form API to execute arbitrary commands via crafted POST requests.
This repository contains a functional Python exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal. The exploit leverages the Drupal AJAX system to inject arbitrary commands via the 'exec' markup, demonstrating the vulnerability by creating a file with user and group information.
This repository is a writeup demonstrating the exploitation of CVE-2018-7600 (Drupalgeddon2) on Drupal 7.57, comparing unprotected and WAF-protected scenarios using Metasploit. It does not contain exploit code but describes the setup and tools used for exploitation.
This repository contains a functional Python exploit for CVE-2018-7600 (Drupalgeddon 2), targeting Drupal 7. It automates remote command execution by leveraging Drupal's form API to inject and execute arbitrary commands via multiple PHP functions.
This is a Python-based scanner for detecting Drupal installations vulnerable to CVE-2018-7600 (Drupalgeddon2). It sends two HTTP requests to check for vulnerability indicators but does not exploit the vulnerability or execute payloads.
This is a Python-based exploit for CVE-2018-7600 (Drupalgeddon 2), a critical RCE vulnerability in Drupal. It leverages form manipulation and AJAX endpoint abuse to execute arbitrary commands on unpatched Drupal installations.
This Rust-based PoC exploits CVE-2018-7600 in Drupal 7 by poisoning a cached form with a malicious renderable array and triggering remote code execution via the file/ajax endpoint. It automates the two-step attack (poison and trigger) and supports custom commands and PHP functions.
This repository contains a Python-based proof-of-concept exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal. The exploit leverages insufficient sanitization in form API AJAX requests to execute arbitrary commands on vulnerable Drupal instances.
This is a functional exploit for CVE-2018-7600 (Drupalgeddon2), targeting Drupal 7.x to achieve unauthenticated remote code execution via form manipulation and passthru() injection.
This repository contains a Python-based proof-of-concept exploit for CVE-2018-7600 (Drupalgeddon2), a remote code execution vulnerability in Drupal. The script includes features for vulnerability checking, multithreading, and command execution on vulnerable Drupal instances.
This repository provides a proof-of-concept exploit for CVE-2018-7600 (Drupalgeddon 2), an unauthenticated remote code execution vulnerability in Drupal. It includes instructions for setting up a vulnerable environment using Docker and demonstrates the exploit via a crafted HTTP POST request.
This repository contains a Python-based exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal 7.x and 8.x. The script sends a malicious POST request to trigger the vulnerability and checks for a file created by the exploit to confirm success.
This repository contains a functional Python exploit for CVE-2018-7600, a blind RCE vulnerability in Drupal. The exploit leverages the Drupal form API to inject and execute arbitrary commands via crafted POST requests.
This repository contains a functional exploit for CVE-2018-7600, a Drupal remote code execution vulnerability. The exploit leverages the Form API's Ajax endpoint to inject malicious payloads via the #post_render key, allowing arbitrary command execution on vulnerable Drupal installations.
This is a functional proof-of-concept exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal. It leverages the Drupal AJAX form API to execute arbitrary commands via a pseudo-shell interface.
This is a functional exploit for CVE-2018-7600, targeting Drupal's remote code execution vulnerability via form API manipulation. The PoC sends a crafted POST request to execute arbitrary commands (e.g., writing a file) and verifies success by checking the created file.
This Perl script exploits CVE-2018-7600, a Drupal remote code execution vulnerability, by sending crafted POST requests to vulnerable endpoints. It includes multiple payload variations to trigger command execution via Drupal's form API.
This script is a network sniffer that detects exploitation attempts of CVE-2018-7600 (Drupalgeddon2) by monitoring HTTP traffic for specific patterns indicative of the vulnerability. It also logs FTP brute force attempts and other network traffic details to a CSV file.
This is a functional exploit for CVE-2018-7600 (Drupalgeddon2), which leverages a property injection vulnerability in Drupal's Forms API to achieve remote code execution. The script allows testing for vulnerability and executing arbitrary commands via configurable PHP functions like passthru.
This repository is a README file referencing a Docker container for CVE-2018-7600, a Drupal remote code execution vulnerability. It does not contain exploit code but points to external sources for vulnerable environments.
The repository contains only a README.md file referencing an exploit for CVE-2018-7600 (Drupalgeddon2) but lacks any actual exploit code or implementation details.
This repository contains a functional exploit for CVE-2018-7600 (Drupalgeddon2), targeting Drupal versions < 7.58, < 8.3.9, < 8.4.6, and < 8.5.1. The exploit leverages the #post_render and #lazy_builder parameters to achieve remote code execution (RCE) via PHP's exec function.
This is a functional exploit for CVE-2018-7600 (Drupalgeddon2), leveraging a remote code execution vulnerability in Drupal via malicious form input manipulation. The script sends crafted POST requests to trigger arbitrary command execution on vulnerable Drupal installations.
This repository contains multiple proof-of-concept exploits for CVE-2018-7600, a remote code execution vulnerability in Drupal. The exploits target Drupal versions 7.x, 8.x, and 6.x, leveraging the `#post_render` parameter to execute arbitrary commands.
This PoC exploits CVE-2018-7600, a Drupal RESTful Web Services (REST) module vulnerability, by sending a crafted AJAX request to execute arbitrary commands via the lazy_builder system. The exploit demonstrates command injection by executing 'ls -la'.
The repository contains a functional Python exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal 7.x and 8.x. The script sends a crafted POST request to trigger the vulnerability and checks for a file created by the payload to confirm exploitation.
The repository contains a Python script that scans for CVE-2018-7600, a Drupal remote code execution vulnerability, by attempting to write a file to the target system. It does not execute arbitrary commands but checks for vulnerability by verifying the presence of a created file.
The repository contains a Python script that scans for Drupal versions and checks vulnerability status against CVE-2018-7600 and CVE-2018-7602. It does not include exploit code but identifies potentially vulnerable versions.
This Metasploit module exploits CVE-2018-7600, a property injection vulnerability in Drupal's Forms API, allowing remote code execution on unpatched Drupal installations. It supports multiple targets, including Drupal 7.x and 8.x, with various payload delivery methods.
Nuclei Templates (1)
http.component:"drupal" || cpe:"cpe:2.3:a:drupal:drupal"
References (21)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H