From a18f1347f81cdd0346be557e2cd44954987b0cbd Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Fri, 13 Apr 2018 16:25:11 +0700
Subject: [PATCH] [Tools][Exploits] Add exploits for CVE-2018-7600 a.k.a
 Drupalgeddon 2

---
 README.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/README.md b/README.md
index ff370ea..bd68fd9 100644
--- a/README.md
+++ b/README.md
@@ -1102,6 +1102,16 @@ My curated list of awesome links, resources and tools
             </ul>
         </td>
     </tr>
+    <tr>
+        <td>CVE-2018-7600</td>
+        <td>Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
+            <ul>
+                <li><a href="https://www.exploit-db.com/exploits/44449">Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution</a></li>
+                <li><a href="https://github.com/a2u/CVE-2018-7600">a2u/CVE-2018-7600</a></li>
+                <li><a href="https://research.checkpoint.com/uncovering-drupalgeddon-2/">Uncovering Drupalgeddon 2</a></li>
+            </ul>
+        </td>
+    </tr>
     <tr>
         <td><a href="https://github.com/Eplox/TCP-Starvation">Eplox/TCP-Starvation</a></td>
         <td>The idea behind this attack is to close a TCP session on the attacker's side, while leaving it open for the victim. Looping this will quickly fill up the victim’s session limit, effectively denying other users to access the service.</td>