Samstag, 17. August 2013

Ruleset-Updates / SolusVM, HTTP-Smuggling, Joomla-Exploits/Java+Apache-Struts

[+] new sigs:
42000269 :: web_server.rules :: DN WEB_SERVER Possible Scan for SolusVM WHMCS Module 3.16 Vulnerability
42000270 :: web_server.rules :: DN WEB_SERVER Possible Fast-Track Tool Spidering User-Agent Detected
42000271 :: web_server.rules :: DN WEB_SERVER ForumSpammer Access
42000272 :: scanner.rules :: DN SCAN Arachni Scanner Web Scan (UA)
42000273 :: scanner.rules :: DN SCAN Arachni Web Scan (URL)
42000274 :: web_server.rules :: DN WEB_SERVER HTTP - Smuggling-Attempt (GET in Headers)
42000275 :: web_server.rules :: DN WEB_SERVER HTTP - Smuggling-Attempt (POST in Headers)
42000276 :: web_apps.rules :: DN WEB_APPS HTTP - Smuggling-Attempt (Proxy-GET in Headers)
42000277 :: web_server.rules :: DN WEB_SERVER HTTP - Smuggling-Attempt (Proxy-POST in Headers)
42000278 :: web_server.rules :: DN WEB_SERVER HTTP - Smuggling-Attempt (NewLine in URI)
42000279 :: web_server.rules :: DN WEB_SERVER HTTP Request Smuggling - Comma in Content-Type
42000280 :: web_server.rules :: DN WEB_SERVER HTTP Request Smuggling - Comma in Content-Length
42000282 :: web_server.rules :: DN WEB_SERVER HTTP Request Smuggling - Multiple Values in Transfer-Encoding
42000284 :: web_server.rules :: DN WEB_SERVER Open-Proxy-Scan
42000285 :: web_server.rules :: DN WEB_SERVER Joomla JCE-Exploit-Scan
42000286 :: app_server.rules :: DN APP_SERVER Apache Struts Possible OGNL Java ProcessBuilder URI
42000287 :: app_server.rules :: DN APP_SERVER Generic JAVA - Attempt - java.lang.Runtime in Request
42000288 :: app_server.rules :: DN APP_SERVER Generic JAVA - Attempt - getRuntime.exec() in Request
42000289 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_servicecontrol Stored Procedure Via URI
42000290 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_regread Stored Procedure Via URI
42000291 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_regwrite Stored Procedure Via URI
42000292 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_regdeletevalue Stored Procedure Via URI
42000293 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_regdeletekey Stored Procedure Via URI
42000294 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_fileexist Stored Procedure Via URI
42000295 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_enumerrorlogs Stored Procedure Via URI
42000296 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_readerrorlogs Stored Procedure Via URI
42000297 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_enumdsn Stored Procedure Via URI
42000298 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQLxp_enumgroups Stored Procedure Via URI
42000299 :: web_server.rules :: DN WEB_SERVER Attempt To Access MSSQL xp_ntsec_enumdomains Stored Procedure Via URI
42000300 :: scanner.rules :: DN SCAN SQLNinja Attempt To Recreate xp_cmdshell Using sp_configure
42000301 :: web_server.rules :: DN WEB_SERVER SQLNinja Attempt To Create xp_cmdshell Session
42000302 :: web_server.rules :: DN WEB_SERVER AWSTATS - Access
42000303 :: web_server.rules :: DN WEB_SERVER AWSTATS - Access (2)
42000304 :: scanner.rules :: DN SCAN Spambot Windows-Live-Social-Object-Extractor-Engine
42000305 :: scanner.rules :: DN SCAN Possible HNAP-Exploit-Attempt
42000306 :: scanner.rules :: DN SCAN Morfeus - F*cking-Scanner
42000307 :: scanner.rules :: DN SCAN WP-Contents/Plugins Access
42000308 :: web_server.rules :: DN WEB_SERVER Base64Encoded phpinfo

1 Kommentar:

  1. I have read your blog its very attractive and impressive. I like it your blog.

    Java Training in Chennai Core Java Training in Chennai Core Java Training in Chennai

    Java Online Training Java Online Training Core Java 8 Training in Chennai Core java 8 online training JavaEE Training in Chennai Java EE Training in Chennai

    AntwortenLöschen