dty97501 2015-11-06 20:34

Drupal 7.34 Blind SQL Injection on node/user

So we inherited this Drupal web application from a third party. We are not very familiar with Drupal or PHP, and we tried running a security scan on the URL and found the following vulnerability:

Blind SQL Injection on http://www.appname.com/search/node/user?page=2

I am not 100% sure if this is a false alarm or if we need to remediate it.

Our version is Drupal 7.34, PHP 5.3.3

Is this a known security vulnerability in this Drupal version, and is there a patch I can apply?

Or would this need a code fix?

I would appreciate some responses from Drupal experts.

Scan Results:

1 Request

Payload: page=2')%20or%20's'%3D's

Request: GET http://www.myapp.com/search/node/user?page=2')%20or%20's'%3D's

Referer: https://www.myapp.com/AppName/

Cookie: hubspotutk=83eb34050462bfd32039cf97dffcf9d7; hsfirstvisit=http%3A%2F%2Fwww.myapp.com%2F||1445954937604; has_js=1; __hstc=152192870.83eb34050462bfd32039cf97dffcf9d7.1445954937606.1445954937606.1445954937606.1; __hssrc=1; __atssc=link%3B2;

Click this link to try to reproduce the vulnerability using above payload. Note that clicking this link may not lead to visible results, either because the vulnerability requires context to be previously set (authentication, cookies...) or because the exploitation of the vulnerability does not lead to any visible proof.

1 Response

This vulnerability was identified using the difference in responses for TRUE and FALSE payloads. This vulnerability is confirmed based on the difference in the response content (detected using fuzzy match). Content of all TRUE responses differ from FALSE responses (detected using fuzzy match).

True condition: http://www.myapp.com/search/node/user?page=2')%20or%20's'%3D's

False condition: http://www.myapp.com/search/node/user?page=2')%20and%20'w'%3D's


1 answer

  • douna1892 2015-11-08 22:36

    Drupal is actually in version 7.41, and a few versions between 7.34 and 7.41 were critical, so I would suggest upgrading (even if the last major one was before 7.34), because it is hard to tell what is using your site (openID, ...?), even if a problem in the search modules does not ring a bell to me. Also take a look at the search module you have on this site; it might be a completely outdated contributed module.
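
The scan report in the question rests on TRUE and FALSE responses differing under a fuzzy match. As an added example (not from the original posts or from the scanner), this Python code re-checks such a differential offline after masking the echoed payload and measuring how much the page changes between identical requests. The two payloads are those in the report; `sample_page`, the token values, the verdict labels and the assumption that the page echoes the `page` value are constructed for illustration and say nothing about Drupal's own behaviour.

```python
import difflib
import html
from urllib.parse import quote, unquote

def strip_reflection(body, encoded_payload):
    """Mask every echoed form of the payload so reflection alone cannot cause a diff."""
    raw = unquote(encoded_payload)
    forms = {encoded_payload, raw, quote(raw, safe=""),
             html.escape(encoded_payload), html.escape(raw)}
    for form in sorted(forms, key=len, reverse=True):  # longest form first
        body = body.replace(form, "<PAYLOAD>")
    return body

def difference(a, b):
    """0.0 means identical bodies, 1.0 means nothing in common."""
    return 1.0 - difflib.SequenceMatcher(None, a, b, autojunk=False).ratio()

def triage(baselines, true_resp, false_resp, margin=0.02):
    """baselines: bodies of repeated identical benign requests (at least two).
    true_resp / false_resp: (encoded_payload, body) pairs replayed from the report."""
    if len(baselines) < 2:
        raise ValueError("need two or more baseline bodies to measure noise")
    # Natural churn between identical requests (tokens, timestamps, ads).
    noise = max(difference(baselines[0], b) for b in baselines[1:])
    delta = difference(strip_reflection(true_resp[1], true_resp[0]),
                       strip_reflection(false_resp[1], false_resp[0]))
    verdict = "review" if delta > noise + margin else "likely-false-positive"
    return verdict, round(delta, 3), round(noise, 3)

# Payloads copied from the scan report above.
TRUE_P = "2')%20or%20's'%3D's"
FALSE_P = "2')%20and%20'w'%3D's"

def sample_page(echo, token, results):
    """Constructed response body: per-request token, result list, echoed page value."""
    rows = "".join(f"<li>{r}</li>" for r in results)
    return (f'<html><input name="form_token" value="{token}"><ul>{rows}</ul>'
            f'<a href="?page={html.escape(echo)}">next</a></html>')

if __name__ == "__main__":
    hits = ["Node one", "Node two", "Node three"]
    base = [sample_page("2", "tokA", hits), sample_page("2", "tokB", hits)]
    # Same results either way; only the echo and the token change.
    print(triage(base, (TRUE_P, sample_page(TRUE_P, "tokC", hits)),
                 (FALSE_P, sample_page(FALSE_P, "tokD", hits))))
    # Result list changes with the condition; the finding deserves a code-level look.
    print(triage(base, (TRUE_P, sample_page(TRUE_P, "tokC", hits)),
                 (FALSE_P, sample_page(FALSE_P, "tokD", []))))
```

A "likely-false-positive" verdict only means the two bodies are equivalent once reflection and per-request churn are discounted; it does not replace checking how the application handles the `page` parameter.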
