""ET WEB_SPECIFIC_APPS WordPress DB XML dump successful leakage""
SID: 2012809
Revision: 2
Class Type: successful-recon-largescale
Metadata: affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2011_05_15, deployment Datacenter, signature_severity Major, tag Wordpress, updated_at 2012_01_02
Reference:
Protocol: tcp
Source Network: $HOME_NET
Source Port: $HTTP_PORTS
Destination Network: $EXTERNAL_NET
Destination Port: any
Flow: established,from_server
Contents:
-
Value: "|0d 0a||0d 0a|"
-
Value: "|0d 0a|Content-Type|3a 20|text/plain|0d 0a|"
Within:
PCRE:
Special Options:
- http_header