HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

CVE-2018-7600 - Drupal 7.x RCE

Status
Not open for further replies.
dEEpEst

dEEpEst

☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Mar 29, 2018
Messages
13,861
Solutions
4
Reputation
27
Reaction score
45,549
Points
1,813
Credits
55,350
‎7 Years of Service‎
 
56%
CVE-2018-7600 - Drupal 7.x RCE

Drupal < 7.58 unauthenticated RCE

Requirements

  • python3
  • python requests (pip install requests)

Usage

  • Install dependencies
  • modify the HOST variable in the script
  • run the code
  • win

Just install requests (pip install requests), edit the file to change the host and run the exploit:

python .\poc.py uid=33(www-data) gid=33(www-data) groups=33(www-data) [{"command":"settings",......




To see this hidden content, you must like this content.
 
Please note, if you want to make a deal with this user, that it is blocked.
nice share man but is it a silent exploit ?

 
Status
Not open for further replies.
Back
Top