ET WEB_SPECIFIC_APPS Magento Shoplift Exploit Inbound
Sourceet/open
Fileemerging-web_specific_apps.rules
CreatedMay 3, 2016
UpdatedMarch 7, 2024
Classificationweb-application-attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Magento Shoplift Exploit Inbound"; flow:established,to_server ; http.method; content:"POST"; http.uri; content:"/admin/Cms_Wysiwyg/directive/index/"; http.request_body; content:"filter=cG9wdWxhcml0eVtmcm9tXT0wJnBvcHVsYXJpdHlbdG9dPTMmcG9wdWxhcml0eVtmaWVsZF9leHByXT0w"; fast_pattern; depth:100; reference:url,blog.sucuri.net/2015/04/magento-shoplift-supee-5344-exploits-in-the-wild.html ; reference:url,packetstormsecurity.com/files/133327/Magento-Add-Administrator-Account.html ; classtype:web-application-attack; sid:2022776; rev:4; metadata:created_at 2016_05_03, signature_severity Major, updated_at 2024_03_07;)
References
Metadata
created at2016_05_03
signature severityMajor
updated at2024_03_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!