Translated ['network-services-pentesting/pentesting-web/drupal/README.md

2024-11-23 05:03:35 +00:00 · 2024-08-12 13:10:30 +00:00 · 2024-08-12 13:10:30 +00:00 · bf5fa20b81
commit bf5fa20b81
parent 8d5f933f24
1 changed files with 11 additions and 6 deletions
--- a/network-services-pentesting/pentesting-web/drupal/README.md
+++ b/network-services-pentesting/pentesting-web/drupal/README.md
@ -1,12 +1,12 @@
 # Drupal

 {% hint style="success" %}
-Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
-Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
+Učite i vežbajte AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
+Učite i vežbajte GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

 <details>

-<summary>Podrška HackTricks</summary>
+<summary>Podržite HackTricks</summary>

 * Proverite [**planove pretplate**](https://github.com/sponsors/carlospolop)!
 * **Pridružite se** 💬 [**Discord grupi**](https://discord.gg/hRep4RUj7f) ili [**telegram grupi**](https://t.me/peass) ili **pratite** nas na **Twitteru** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
@ -53,7 +53,7 @@ Novije instalacije Drupala po defaultu blokiraju pristup datotekama `CHANGELOG.t

 #### Registracija

-Na _/user/register_ samo pokušajte da kreirate korisničko ime i ako je ime već zauzeto bićete obavešteni:
+U _/user/register_ samo pokušajte da kreirate korisničko ime i ako je ime već zauzeto bićete obavešteni:

 ![](<../../../.gitbook/assets/image (328).png>)

@ -69,7 +69,7 @@ Ako zatražite novu lozinku za nepostojeće korisničko ime:

 ### Dobijanje broja korisnika

-Pristupanjem _/user/\<number>_ možete videti broj postojećih korisnika, u ovom slučaju je 2 jer _/users/3_ vraća grešku da nije pronađeno:
+Pristupajući _/user/\<number>_ možete videti broj postojećih korisnika, u ovom slučaju je 2 jer _/users/3_ vraća grešku da nije pronađeno:

 ![](<../../../.gitbook/assets/image (333).png>)

@ -102,9 +102,14 @@ Ako imate pristup Drupal web konzoli, proverite ove opcije da biste dobili RCE:
 [drupal-rce.md](drupal-rce.md)
 {% endcontent-ref %}

+## Drupal From XSS to RCE
+Kroz ovu tehniku, moguće je postići **Remote Code Execution (RCE)** u Drupalu putem **Cross-Site Scripting (XSS)**. https://github.com/nowak0x01/Drupalwned
+<br><br>
+**Za detaljnije korake proverite:** https://nowak0x01.github.io/papers/76bc0832a8f682a7e0ed921627f85d1d.html
+
 ## Post Exploitation

-### Pročitajte settings.php
+### Read settings.php
 ```
 find / -name settings.php -exec grep "drupal_hash_salt\|'database'\|'username'\|'password'\|'host'\|'port'\|'driver'\|'prefix'" {} \; 2>/dev/null
 ```