alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection INTO OUTFILE Arbitrary File Write Attempt"; flow:established,to_server; content:"INTO"; nocase; http_uri; content:"OUTFILE"; nocase; http_uri; pcre:"/INTO.+OUTFILE/Ui"; reference:url,www.milw0rm.com/papers/372; reference:url,www.greensql.net/publications/backdoor-webserver-using-mysql-sql-injection; reference:url,websec.wordpress.com/2007/11/17/mysql-into-outfile/; reference:url,doc.emergingthreats.net/2010037; classtype:web-application-attack; sid:2010037; rev:3;)

Added 2011-10-12 19:28:48 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection INTO OUTFILE Arbitrary File Write Attempt"; flow:established,to_server; content:"INTO"; nocase; http_uri; content:"OUTFILE"; nocase; http_uri; pcre:"/INTO.+OUTFILE/Ui"; classtype:web-application-attack; reference:url,www.milw0rm.com/papers/372; reference:url,www.greensql.net/publications/backdoor-webserver-using-mysql-sql-injection; reference:url,websec.wordpress.com/2007/11/17/mysql-into-outfile/; reference:url,doc.emergingthreats.net/2010037; sid:2010037; rev:3;)

Added 2011-09-14 22:42:05 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection INTO OUTFILE Arbitrary File Write Attempt"; flow:established,to_server; content:"INTO"; nocase; http_uri; content:"OUTFILE"; nocase; http_uri; pcre:"/INTO.+OUTFILE/Ui"; classtype:web-application-attack; reference:url,www.milw0rm.com/papers/372; reference:url,www.greensql.net/publications/backdoor-webserver-using-mysql-sql-injection; reference:url,websec.wordpress.com/2007/11/17/mysql-into-outfile/; reference:url,doc.emergingthreats.net/2010037; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SQL_Injection_Monster_List; sid:2010037; rev:3;)

Added 2011-02-04 17:29:29 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection INTO OUTFILE Arbitrary File Write Attempt"; flow:established,to_server; uricontent:"INTO"; nocase; uricontent:"OUTFILE"; nocase; pcre:"/INTO.+OUTFILE/Ui"; classtype:web-application-attack; reference:url,www.milw0rm.com/papers/372; reference:url,www.greensql.net/publications/backdoor-webserver-using-mysql-sql-injection; reference:url,websec.wordpress.com/2007/11/17/mysql-into-outfile/; reference:url,doc.emergingthreats.net/2010037; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SQL_Injection_Monster_List; sid:2010037; rev:2;)

Added 2009-10-12 20:45:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection INTO OUTFILE Arbitrary File Write Attempt"; flow:established,to_server; uricontent:"INTO"; nocase; uricontent:"OUTFILE"; nocase; pcre:"/INTO.+OUTFILE/Ui"; classtype:web-application-attack; reference:url,www.milw0rm.com/papers/372; reference:url,www.greensql.net/publications/backdoor-webserver-using-mysql-sql-injection; reference:url,websec.wordpress.com/2007/11/17/mysql-into-outfile/; reference:url,doc.emergingthreats.net/2010037; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SQL_Injection_Monster_List; sid:2010037; rev:2;)

Added 2009-10-12 20:45:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection INTO OUTFILE Arbitrary File Write Attempt"; flow:established,to_server; uricontent:"INTO"; nocase; uricontent:"OUTFILE"; nocase; pcre:"/INTO.+OUTFILE/Ui"; classtype:web-application-attack; reference:url,www.milw0rm.com/papers/372; reference:url,www.greensql.net/publications/backdoor-webserver-using-mysql-sql-injection; reference:url,websec.wordpress.com/2007/11/17/mysql-into-outfile/; sid:2010037; rev:1;)

Added 2009-10-06 09:30:38 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats