alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Wordpress Slideshow Gallery 1.4.6 - Shell Upload"; flow:established,to_server; content:"POST"; http_method; content:"application/x-httpd-php"; http_client_body; fast_pattern:only; content:"Content-Disposition|3a 20|form-data|3b 20|"; http_client_body; pcre:"/^[^\r]*?name=[\x22\x27]image_file"\x3b[^(?>\r\n|\n|\r)]*?(?>\r\n|\n|\r)(?>\r\n|\n|\r)?Content-Type: application\/x-httpd-php/RPsi"; reference:url,www.exploit-db.com/exploits/34681/; reference:cve,2014-5460; classtype:trojan-activity; sid:2019728; rev:4; metadata:affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, deployment Datacenter, tag Wordpress, signature_severity Major, created_at 2014_11_17, updated_at 2019_05_22;)

Added 2019-05-22 20:30:37 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Wordpress Slideshow Gallery 1.4.6 - Shell Upload"; flow:established,to_server; content:"POST"; http_method; content:"application/x-httpd-php"; http_client_body; fast_pattern:only; content:"Content-Disposition|3a 20|form-data|3b 20|"; http_client_body; pcre:"/^[^\r]*?name=[\x22\x27]image_file"\x3b[^(?>\r\n|\n|\r)]*?(?>\r\n|\n|\r)(?>\r\n|\n|\r)?Content-Type: application\/x-httpd-php/RPsi"; reference:url,www.exploit-db.com/exploits/34681/; reference:cve,2014-5460; classtype:trojan-activity; sid:2019728; rev:4; metadata:affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, deployment Datacenter, tag Wordpress, signature_severity Major, created_at 2014_11_17, updated_at 2019_05_22;)

Added 2019-05-22 19:32:46 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Wordpress Slideshow Gallery 1.4.6 - Shell Upload"; flow:established,to_server; content:"POST"; http_method; content:"application/x-httpd-php"; http_client_body; fast_pattern:only; content:"Content-Disposition|3a 20|form-data|3b 20|"; http_client_body; pcre:"/^[^\r]*?name=[\x22\x27]image_file"\x3b[^(?>\r\n|\n|\r)]*?(?>\r\n|\n|\r)(?>\r\n|\n|\r)?Content-Type: application/x-httpd-php/RPsi"; reference:url,www.exploit-db.com/exploits/34681/; reference:cve,2014-5460; classtype:trojan-activity; sid:2019728; rev:3; metadata:affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, deployment Datacenter, tag Wordpress, signature_severity Major, created_at 2014_11_17, updated_at 2016_07_01;)

Added 2017-08-07 21:14:02 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Wordpress Slideshow Gallery 1.4.6 - Shell Upload"; flow:established,to_server; content:"POST"; http_method; content:"application/x-httpd-php"; http_client_body; fast_pattern:only; content:"Content-Disposition|3a 20|form-data|3b 20|"; http_client_body; pcre:"/^[^\r]*?name=[\x22\x27]image_file"\x3b[^(?>\r\n|\n|\r)]*?(?>\r\n|\n|\r)(?>\r\n|\n|\r)?Content-Type: application/x-httpd-php/RPsi"; reference:url,www.exploit-db.com/exploits/34681/; reference:cve,2014-5460; classtype:trojan-activity; sid:2019728; rev:3;)

Added 2014-11-17 19:07:57 UTC


Topic revision: r1 - 2019-05-23 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats