9.1. Strategies to Crack Drupal
This chapter goes example by example through several strategies to crack Drupal. The first is simply to search for a common security mistake in the code and then use some advanced Google search modifiers to find potentially vulnerable sites. Then you take a look at two vulnerabilities that were "happened upon" and discuss some things to be aware of as you click around sites and review code to increase the likelihood that you will happen upon these issues as well.
A big part of finding bugs is simply being paranoid and knowledgeable about the nature of the issues. If you are paranoid without knowledge, you are likely to become stressed and perhaps make mistakes with your site in the hope that you are solving problems. However, armed with the knowledge from this book you should feel fully trained in finding and fixing security bugs in code. If you bought this book, you are probably at least a little paranoid already. If your boss bought you this book to read, hopefully it has given you a little reason to be paranoid.
Get Cracking Drupal®: A Drop in the Bucket now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
