Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-9016 PoC — Drupal和Drupal Secure Password Hashes模块输入验证错误漏洞

Source
https://github.com/c0r3dump3d/wp_drupal_timing_attack
Associated Vulnerability
Title:Drupal和Drupal Secure Password Hashes模块输入验证错误漏洞 (CVE-2014-9016)
Description:The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.
Description
Python scripts to exploit CVE-2014-9016 and CVE-2014-9034
Readme
wp_drupal_timing_attack
=======================

Python scripts to exploit CVE-2014-9016 and CVE-2014-9034.

For legal purposes only
File Snapshot

 [4.0K]  /data/pocs/24b499a99bbaadf2932f96f4c49f238a424434bb
├── [7.3K]  Drupal_TA.py
├── [ 18K]  LICENSE
├── [ 133]  README.md
├── [ 13K]  socks.py
└── [8.0K]  Wordpress_TA.py

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →