Drupal (CMS)

Frist check changelog.txt to see the version.
try admin / admin@123 default creds 
​
Drupalgeddon exploit RCE maybe the one to go.
drpalgeddon2.rb github 
you might need to install highline (google the error)
or 
drupscan
​
if it's 7 <= 7.57, the following script should work.
GitHub - pimps/CVE-2018-7600: Exploit for Drupal 7 <= 7.57 CVE-2018-7600
GitHub
​

Elastix

SQL & LFI

Last modified 1yr ago