# Drupal

### Enumeration

After identifying a Drupal site, one of the first pieces of information you should try to identify is the version of Drupal running:

```bash
# Drupal 7 ships CHANGELOG.txt in the web root; its first line names the installed release
curl -s https://parzival.sh/CHANGELOG.txt
```
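Added example, not from the original notes: it parses a constructed CHANGELOG.txt body of the kind the curl probe above fetches, and reports whether the file is reachable and whether it leaks a version string, which is what a site owner should confirm is not the case. The function and sample names are my own.

```python
"""Parse the release line that a publicly readable Drupal CHANGELOG.txt discloses."""
import re
from typing import Optional

# Drupal 7 lists each release as "Drupal <version>, <YYYY-MM-DD>" followed by a
# dashed underline, newest release first.
_RELEASE_LINE = re.compile(
    r"^Drupal (\d+\.\d+(?:\.\d+)?(?:-[\w.]+)?), (\d{4}-\d{2}-\d{2})\s*$"
)


def parse_drupal_version(changelog: str) -> Optional[str]:
    """Return the newest version named in the changelog, or None when the text
    is not a Drupal changelog (e.g. a catch-all HTML page that still returns 200)."""
    for line in changelog.splitlines():
        match = _RELEASE_LINE.match(line)
        if match:
            return match.group(1)
    return None


def assess_changelog(status: int, body: str) -> dict:
    """Defender's view of one probe: is the file reachable, and does it leak a version?"""
    version = parse_drupal_version(body) if status == 200 else None
    return {
        "reachable": status == 200,
        "version": version,
        "discloses_version": version is not None,
    }


# Constructed sample in the Drupal 7 format; not copied from any real site.
SAMPLE_CHANGELOG = """\
Drupal 7.50, 2016-07-07
-----------------------
- Fixed several bugs in the test suite.

Drupal 7.49, 2016-06-02
-----------------------
- Fixed a regression introduced in 7.48.
"""

if __name__ == "__main__":
    print(assess_changelog(200, SAMPLE_CHANGELOG))
    print(assess_changelog(200, "<html><body>Not found</body></html>"))
    print(assess_changelog(404, ""))
```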

#### Droopescan

```bash
droopescan scan drupal -u https://parzival.sh
```

{% embed url="https://github.com/SamJoan/droopescan" %}

### Exploitation

#### Drupalgeddon

Older, unpatched installations of Drupal are vulnerable to a remote code execution vulnerability dubbed "Drupalgeddon"; the Metasploit module below targets the 2018 variant, Drupalgeddon 2, and works well for exploiting it:

```bash
# run inside msfconsole
use exploit/unix/webapp/drupal_drupalgeddon2
```

{% embed url="https://www.rapid7.com/blog/post/2018/04/27/drupalgeddon-vulnerability-what-is-it-are-you-impacted/" %}
