[Tools][Exploits] Add exploits for CVE-2018-7600 a.k.a Drupalgeddon 2

2024-06-27 06:02:09 +00:00 · 2018-04-13 16:25:11 +07:00 · 2018-04-13 16:25:11 +07:00 · a18f1347f8
commit a18f1347f8
parent 5f892a73b7
1 changed files with 10 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1102,6 +1102,16 @@ My curated list of awesome links, resources and tools
            </ul>
        </td>
    </tr>
+    <tr>
+        <td>CVE-2018-7600</td>
+        <td>Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
+            <ul>
+                <li><a href="https://www.exploit-db.com/exploits/44449">Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution</a></li>
+                <li><a href="https://github.com/a2u/CVE-2018-7600">a2u/CVE-2018-7600</a></li>
+                <li><a href="https://research.checkpoint.com/uncovering-drupalgeddon-2/">Uncovering Drupalgeddon 2</a></li>
+            </ul>
+        </td>
+    </tr>
    <tr>
        <td><a href="https://github.com/Eplox/TCP-Starvation">Eplox/TCP-Starvation</a></td>
        <td>The idea behind this attack is to close a TCP session on the attacker's side, while leaving it open for the victim. Looping this will quickly fill up the victim’s session limit, effectively denying other users to access the service.</td>