Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code

LASER_oneXM

Thread author
The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code.
The code, hosted on GitHub, was created by Vitalii Rudnykh, a Russian security researcher. The code is based on a breakdown of the Drupalgeddon2 vulnerability published by Check Point and Dofinity researchers. It all happened within a few hours between Check Point's blog post, Rudnykh's PoC, and the start of exploitation attempts, first spotted by web security firm Sucuri.

Sucuri: Not a lot of exploitation attempts yet
"Not seeing a lot of attempts yet, just a couple from a few IP addresses," Daniel Cid, VP of Engineering at GoDaddy and CTO/Founder of Sucuri, told Bleeping Computer in a private conversation last night.

Cid told us that most exploitation attempts are "based on the PoC shared on GitHub," but other attackers might be working on their own code as well.
 
