infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update references URLs

MS-2855/keylogger-mettle-extension
WhiteWinterWolf 2017-11-17 13:27:35 +01:00
parent a636380e4b
commit 2be3433bdb
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
modules/exploits/multi/http/drupal_drupageddon.rb
View File

@ -43,7 +43,8 @@ class MetasploitModule < Msf::Exploit::Remote
[
['CVE', '2014-3704'],
['URL', 'https://www.drupal.org/SA-CORE-2014-005'],
['URL', 'http://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html']
['URL', 'http://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html'],
['URL', 'https://www.whitewinterwolf.com/posts/2017/11/16/drupageddon-revisited-a-new-path-from-sql-injection-to-remote-command-execution-cve-2014-3704/']
],
'Privileged' => false,
'Platform' => ['php'],
@ -72,8 +73,6 @@ class MetasploitModule < Msf::Exploit::Remote
##
# Form-cache PHP injection method
# See details on:
# https://www.whitewinterwolf.com/posts/2017/11/16/drupageddon-revisited-a-new-path-from-sql-injection-to-remote-command-execution-cve-2014-3704/
##
def sql_insert(id, value)