Welcome to WebmasterWorld Guest from 22.214.171.124
Forum Moderators: open
...hundreds of compromised Drupal sites being used to host "cryptojacking" malware that uses the CPUs of visitors to mine cryptocurrency via CoinHive.
ergophone: PS - you could run Drupal 7 indefinitely. If your backup and system audit tools are good enough, so what if you get hacked? If you don't have PCI or HIPPA considerations, restore from backup :-)
joined:Dec 10, 2005
restore from backupThat advice works okay for general sites, but not so much for sites with a lot of UGC. Especially if it's been multiple backups since the hack.
msf > search drupal
-Name -Disclosure Date -Rank -Description
---- --------------- ---- -----------
auxiliary/gather/drupal_openid_xxe 2012-10-17 normal Drupal OpenID External Entity Injection
auxiliary/scanner/http/drupal_views_user_enum 2010-07-02 normal Drupal Views Module Users Enumeration
exploit/multi/http/drupal_drupageddon 2014-10-15 excellent Drupal HTTP Parameter Key/Value SQL Injection
exploit/unix/webapp/drupal_coder_exec 2016-07-13 excellent Drupal CODER Module Remote Command Execution
exploit/unix/webapp/drupal_drupalgeddon2 2018-03-28 excellent Drupal Drupalgeddon 2 Forms API Property Injection
exploit/unix/webapp/drupal_restws_exec 2016-07-13 excellent Drupal RESTWS Module Remote PHP Code Execution
exploit/unix/webapp/php_xmlrpc_eval 2005-06-29 excellent PHP XML-RPC Arbitrary Code Execution