alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER ThinkPHP? RCE Exploitation Attempt"; flow:established,to_server; content:"GET"; http_method; content:"/index"; http_uri; content:"/invokefunction&function=call_user_func_array"; http_uri; distance:0; fast_pattern; metadata: former_category WEB_SERVER; reference:url,www.exploit-db.com/exploits/45978; classtype:attempted-admin; sid:2026731; rev:2; metadata:affected_product PHP, attack_target Web_Server, deployment Perimeter, deployment Datacenter, tag ThinkPHP?, signature_severity Major, created_at 2018_12_14, performance_impact Low, updated_at 2019_06_03;)

Added 2019-06-03 18:23:57 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER ThinkPHP? RCE Exploitation Attempt"; flow:established,to_server; content:"GET"; http_method; content:"/index.php?s="; http_uri; content:"/invokefunction&function=call_user_func_array"; http_uri; distance:0; fast_pattern; metadata: former_category WEB_SERVER; reference:url,www.exploit-db.com/exploits/45978; classtype:attempted-admin; sid:2026731; rev:1; metadata:affected_product PHP, attack_target Web_Server, deployment Perimeter, deployment Datacenter, tag ThinkPHP?, signature_severity Major, created_at 2018_12_14, performance_impact Low, updated_at 2018_12_14;)

Added 2018-12-14 15:04:37 UTC



This topic: Main > 2026731
Topic revision: r1 - 2019-06-03 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats