Anyone dealing with Drupageddon (SA-CORE-2014-005)?

NinaNic's picture

I'm in the process of securing several sites for a Northern NJ organization that were affected by Drupageddon (SA-CORE-2014-005), and am looking to connect with others to share ideas and tips.

Comments

Some resources here - see the

pwolanin's picture

Some resources here - see the links to the flowchart and you can download the drush-based audit tool:
https://www.drupal.org/project/drupalgeddon

See also: https://www.acquia.com/blog/learning-hackers-week-after-drupal-sql-injec... which describes several of the common hacks.

Broken Link

ElegantSolutions's picture

Peter

Thanks for the extra advice.

See also: https://www.acquia.com/blog/learning-hackers-week-after-drupal-sql-injec... which describes several of the common hacks.

is 404

"The best way to predict the future is to invent it." - Alan Kay

The email version gives a

pwolanin's picture

The email version gives a broken link - sorry.

Try the one directly in my comment above, or here's a short link: http://bit.ly/1tS5fna

Demonstration

naushunaushad's picture

The following link demonstrates how the hackers can attack the website.

http://www.zoubi.me/blog/drupageddon-sa-core-2014-005-drupal-7-sql-injec...

Yes we were hit

jesperhaun's picture

Four of our websites were not patched fast enough and are compromised. We have seen new admin users and PHP files hidden in /files.

Thanks

NinaNic's picture

Thanks, this is helpful.

Nina Nicholson
Director of Communications & Technology
The Episcopal Diocese of Newark
nnicholson@dioceseofnewark.org
http://dioceseofnewark.org

See also this just-released

pwolanin's picture

See also this just-released PSA: https://www.drupal.org/PSA-2014-003

Got it

NinaNic's picture

Yes, I got it.

A podcast focused on dealing with Drupageddon

shanesevo's picture

Our latest episode of "Hooked on Drupal" discusses (with some context) the travails of dealing with Drupageddon.

http://www.commercialprogression.com/post/hooked-drupal-podcast-episode-2