http://doc.emergingthreats.net/bin/view/Main The web for users, groups and offices. TWiki is an Enterprise Collaboration Platform. en-us Copyright 2010 Emerging Threats and Contributing Authors Emerging Admin [jonkman@emergingthreats.net] The contributing authors of TWiki TWiki http://doc.emergingthreats.net/bin/view/Main http://doc.emergingthreats.net/pub/TWiki/TWikiLogos/T-logo-140x40-t.gif http://doc.emergingthreats.net/bin/view/Main/2010862 alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Possible APC Network Management Card Cross Site Scripting Attempt"; flow:established ... (last changed by TWikiGuest) 2010-03-11T19:31:47Z guest http://doc.emergingthreats.net/bin/view/Main/2010903 alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpMyAdmin Remote Code Execution Proof of Concept (c )"; flow:established,to server ... (last changed by TWikiGuest) 2010-03-11T19:31:47Z guest http://doc.emergingthreats.net/bin/view/Main/2010902 alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpMyAdmin Remote Code Execution Proof of Concept (p )"; flow:established,to server ... (last changed by TWikiGuest) 2010-03-11T19:31:47Z guest http://doc.emergingthreats.net/bin/view/Main/2010463 alert tcp $HOME NET 1024: $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS RFI Scanner Success (Fx29ID)"; flow:established,from server; content:"FeeLCoMzFeeLCoMz ... (last changed by TWikiGuest) 2010-03-11T19:31:47Z guest http://doc.emergingthreats.net/bin/view/Main/2010884 #alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET POLICY .pdf File Possibly Containing Basic Hex Obfuscation"; flow:established,from server; content: ... (last changed by TWikiGuest) 2010-03-11T19:31:47Z guest http://doc.emergingthreats.net/bin/view/Main/2010931 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS Possible Microsoft Internet Explorer iepeers.dll Remote Code Execution Attempt (CVE 2010 ... (last changed by TWikiGuest) 2010-03-11T19:31:47Z guest http://doc.emergingthreats.net/bin/view/Main/2010863 alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SERVER LANDesk Command Injection Attempt"; content:"POST "; flow:established,to server; depth ... (last changed by TWikiGuest) 2010-03-11T19:00:52Z guest http://doc.emergingthreats.net/bin/view/Main/EricLien My Links .ATasteOfTWiki view a short introductory presentation on TWiki for beginners .WelcomeGuest starting points on TWiki .TWikiUsersGuide ... (last changed by TWikiRegistrationAgent) 2010-03-11T13:34:57Z TWikiRegistrationAgent http://doc.emergingthreats.net/bin/view/Main/2010917 alert tcp $EXTERNAL NET any $HOME NET 7777 (msg:"ET TROJAN Arucer DEL FILE Command"; flow:established; content:" C2 E5 E5 E5 9E D1 A3 D1 A3 D5 A1 DD DD C8 A0 D2 ... (last changed by TWikiGuest) 2010-03-10T20:15:48Z guest http://doc.emergingthreats.net/bin/view/Main/2010926 alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter UNION SELECT SQL Injection Attempt ... (last changed by TWikiGuest) 2010-03-10T20:00:57Z guest http://doc.emergingthreats.net/bin/view/Main/2010921 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET WEB SPECIFIC APPS Ask.com Toolbar askBar.dll ActiveX ShortFormat Buffer Overflow Attempt"; flow:established ... (last changed by TWikiGuest) 2010-03-10T20:00:57Z guest http://doc.emergingthreats.net/bin/view/Main/2010924 alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter SELECT FROM SQL Injection Attempt ... (last changed by TWikiGuest) 2010-03-10T20:00:57Z guest http://doc.emergingthreats.net/bin/view/Main/2001810 alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SERVER PHP remote file include exploit attempt"; flow: to server,established; content:"GET " ... (last changed by TWikiGuest) 2010-03-10T20:00:57Z guest http://doc.emergingthreats.net/bin/view/Main/2010930 alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any ( msg:"ET WEB CLIENT Foxit Reader ActiveX OpenFile method Remote Code Execution Function Call"; flow:to client ... (last changed by TWikiGuest) 2010-03-10T20:00:57Z guest http://doc.emergingthreats.net/bin/view/Main/2010928 alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter UPDATE SET SQL Injection Attempt ... (last changed by TWikiGuest) 2010-03-10T20:00:57Z guest http://doc.emergingthreats.net/bin/view/Main/2010925 alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter DELETE FROM SQL Injection Attempt ... (last changed by TWikiGuest) 2010-03-10T20:00:57Z guest