ET SCAN Tomcat admin-admin login credentials
Sourceet/open
Fileemerging-scan.rules
CreatedJuly 30, 2010
UpdatedMay 7, 2024
Classificationattempted-admin
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SCAN Tomcat admin-admin login credentials"; flow:established,to_server ; flowbits:set,ET.Tomcat.login.attempt ; http.uri; content:"/manager/html"; nocase; http.header; header_lowercase; content:"|0d 0a|authorization|3a 20|Basic|20|YWRtaW46YWRtaW4=|0d 0a|"; fast_pattern; reference:url,tomcat.apache.org ; classtype:attempted-admin; sid:2009217; rev:13; metadata:created_at 2010_07_30, confidence Medium, signature_severity Informational, updated_at 2024_05_07;)
References
Metadata
created at2010_07_30
confidenceMedium
signature severityInformational
updated at2024_05_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!