Chapter 9. Finding, Exploiting, and Avoiding Vulnerabilities

Where we finally put your new skills to use finding vulnerabilities, exploiting them, fixing them, and working with the security team

This is the beginning of Part III, where we stop talking about theoretical situations and start dealing with real vulnerabilities in the wild. As I write this chapter, there have been some interesting recent developments. First, a class of weaknesses has been discovered in Drupal 6: Modules that were built for Drupal 5 are being upgraded sloppily with improper menu entries, which leads to access bypass vulnerabilities (you learned how to do this properly back in Chapter 4).

Second, information about the real live usage of different versions of Drupal core and individual modules is available at http://drupal.org/project/usage. Even though the usage data shown is up to a week behind the current situation, the information is somewhat shocking. It shows tens of thousands of sites are out of date with either core or contributed module updates. Because of the way the data is collected, the real number of sites that are out of date is likely to be a multiple of that number.

While this chapter will show how to find and exploit weaknesses, I want to be clear that in no way do I condone that action. Instead, I hope that "forewarned will be forearmed" and that people will work harder to maintain secure sites and, most importantly, upgrade their sites in a timely manner.