Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-16 14:08:26 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update README.md

Browse source
This commit is contained in:
Hudson Nowak 2024-07-25 15:23:02 -03:00 committed by GitHub
parent 153b61c0bc
commit b4f44b8224
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
network-services-pentesting/pentesting-web/drupal/README.md
View file

@ -112,6 +112,11 @@ If you have access to the Drupal web console check these options to get RCE:
[drupal-rce.md](drupal-rce.md)
{% endcontent-ref %}
## Drupal From XSS to RCE
Through this technique, it is possible to achieve **Remote Code Execution (RCE)** in Drupal via **Cross-Site Scripting (XSS)**. https://github.com/nowak0x01/Drupalwned
<br><br>
**For more detailed steps check:** https://nowak0x01.github.io/papers/76bc0832a8f682a7e0ed921627f85d1d.html
## Post Exploitation
### Read settings.php