diff --git a/docs/content/development/adding-exploits.md b/docs/content/development/adding-exploits.md index 468d17055..bb720af28 100644 --- a/docs/content/development/adding-exploits.md +++ b/docs/content/development/adding-exploits.md @@ -39,7 +39,7 @@ class MyNewExploiter(HostExploiter): ... ``` -A good example of an exploiter class is the [`SSHExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/sshexec.py). The [Drupal exploiter is a recently added web RCE exploit](https://github.com/guardicore/monkey/pull/808) that is a good reference as well. +A good example of an exploiter class is the [`SSHExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/sshexec.py). The [Log4Shell exploiter is a recently added web RCE exploit](https://github.com/guardicore/monkey/pull/1670) that is a good reference as well. ### Modify the Monkey Island @@ -83,7 +83,7 @@ A good example of an exploiter class is the [`SSHExploiter`](https://github.com/ "default": [ "SmbExploiter", ... - "DrupalExploiter", + "Log4ShellExploiter", "MyNewExploiter", <================================= ], } diff --git a/docs/content/reference/exploiters/Drupal.md b/docs/content/reference/exploiters/Drupal.md deleted file mode 100644 index 5763b0ca8..000000000 --- a/docs/content/reference/exploiters/Drupal.md +++ /dev/null @@ -1,35 +0,0 @@ ---- -title: "Drupal" -date: 2020-09-01T08:42:46+03:00 -draft: false -tags: ["exploit", "linux", "windows"] ---- - -The Drupal exploiter exploits [CVE-2019-6340](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340) -on a vulnerable Drupal server. - -### Description - -Some field types do not properly sanitize data from non-form sources in certain versions -of Drupal server. - -This can lead to arbitrary PHP code execution in some cases. - - -### Affected Versions - -* Drupal 8.5.x (before 8.5.11) and Drupal 8.6.x (before 8.6.10). - -One of the following conditions must hold: -* The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH -or POST requests; OR -* The site has another web services module enabled, like JSON:API in -Drupal 8, or Services or RESTful Web Services in Drupal 7. - - -### Notes - -* The Infection Monkey exploiter implementation is based on an open-source -[Python implementation](https://gist.github.com/leonjza/d0ab053be9b06fa020b66f00358e3d88/f9f6a5bb6605745e292bee3a4079f261d891738a) -of the exploit by @leonjza. -* For the full attack to work, more than one vulnerable URL is required.