Created
October 18, 2014 02:10
-
-
Save pbull/2dee23851e930707c06e to your computer and use it in GitHub Desktop.
Test that a Drupal 7 site has been correctly patched for CVE-2014-3704.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Run this script using drush php-script (scr) to test whether a site has been | |
* patched for CVE-2014-3704. | |
*/ | |
// Attempt SQL injection and verify that it does not work. | |
$condition = array( | |
"1 ;CREATE TABLE {xCVE20143704} (c varchar(10)); INSERT INTO {xCVE20143704} SET c = 'owned'; -- " => '', | |
'1' => '', | |
); | |
try { | |
db_query("SELECT * FROM {variable} WHERE name = :name", array(':name' => $condition))->fetchObject(); | |
echo "SQL injection attempt was successful.\n"; | |
echo " * Table created\n"; | |
// Test the insert query. | |
if (db_select('xCVE20143704') | |
->condition('c', 'owned') | |
->countQuery() | |
->execute() | |
->fetchField()) | |
{ | |
echo " * Data inserted.\n"; | |
} | |
db_query("DROP TABLE xCVE20143704"); | |
echo " * Cleanup: Table dropped.\n"; | |
echo "You should patch your site immediately. See https://www.drupal.org/SA-CORE-2014-005 for details.\n"; | |
} | |
catch (PDOException $e) { | |
echo "SQL injection attempt failed.\n"; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment