- In /user/register just try to create a username and if the name is already taken it will be notified:
The name admin is already taken.
- If you request a new password for an existing username:
Unable to send e-mail. Contact the site administrator if the problem persists.
- If you request a new password for a non-existent username:
Sorry, loremipsum is not recognized as a user name or an e-mail address
/user/<number>you can see the number of existing users, in this case is 2 as
/users/3returns a not found error:
- Fuzz From http://drupal.local/node/1 To http://drupal.local/node/500. You could find hidden pages (test, dev) which are not referenced by the search engines.
- curl https://example.com/config/sync/core.extension.yml
- curl https://example.com/core/core.services.yml
- curl https://example.com/config/sync/swiftmailer.transport.yml
searchsploit drupal | grep 'Remote Code Execution'
RCE admin panel Code execution inside Drupal with admin creds You need the plugin php to be installed (check it accessing to /modules/php and if it returns a 403 then, exists, if not found, then the plugin php isn't installed) Go to Modules -> (Check) PHP Filter -> Save configuration
Dump users from DB