""ET SCAN Wapiti Web Server Vulnerability Scan""
SID: 2008417
Revision: 8
Class Type: attempted-recon
Metadata: created_at 2010_07_30, updated_at 2010_09_21
Reference:
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HTTP_SERVERS
Destination Port: $HTTP_PORTS
Flow: to_server,established
Contents:
-
Value: "GET"
-
Value: "?http|3A|//www.google."
-
Value: "User-Agent|3A 20|Python-httplib2"
Within:
PCRE:
Special Options:
-
http_method
-
nocase
-
http_header