bWAPP - Drupal SQL Injection Drupageddon скачать в хорошем качестве

bWAPP - Drupal SQL Injection Drupageddon

Drupal SQL Injection (Drupageddon) - Low Security Level Solution: Step 1. On your lesson page click on Drupal, note a new window pops up with user login form. Step 2. On your lesson page click on CVE-2014-3704, note a new window pops up and it gives Description and References about the CVE. Step 3. Click on the url https://www.exploit-db.com/exploits/3..., a new window pops up; Click on Downloads next to Exploit and save the file. If you want you can change the file name, I am not changing. Step 4. Open the downloaded file, with the text editor of your choice and then Locate - $url = 'http://www.example.com'; Change the $url value with your Drupal url - http://10.0.2.4/drupal/ Make changes and save the file. (Follow video for more details) Close the file Step 5. Open command prompt and open the downloaded exploit file with .php extension Go to the location where the file is downloaded and then give below command. Command: php 34993.php (If you have changed the file name then change the name here). Check the output: Success! Log in with username "admin" and password "admin" at http://10.0.2.4/drupal/user/login Step 6. Go to the Drupal page and login with Username: admin and Password: admin. Note: You have logged in successfully. PseudoTime