Created
October 20, 2014 16:05
-
-
Save joshkoenig/fdd6a0b382c813ab7c33 to your computer and use it in GitHub Desktop.
Drupal SA-CORE-2014-005 "drplsys" user attack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Here's the latest attack we're seeing: | |
insert into users values (99992, 'drplsys', '$S$DeaaG6rBb1N73WEtKMW.cvIwP3f9/VP1M9ZJVu1mRiaH/bGu1bTK', '4585856489@mail.com', '', '', NULL,0,0,0,1,NULL,'',0,'',NULL); | |
Will create a fake user account. There doesn't appear to be a follow-on attack to use it for anything, yet. | |
Stay alert. Stay alive. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Added to Drupalgeddon checks, thanks Josh.