""ET SQL MySQL mysql.user Dump (Used in Metasploit Auth-Bypass Module)""
SID: 2014910
Revision: 3
Class Type: bad-unknown
Metadata: affected_product Any, attack_target Client_and_Server, created_at 2012_06_16, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, signature_severity Critical, tag Metasploit, updated_at 2014_09_15
Reference:
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: 3306
Flow: established,to_server
Contents:
- Value: "SELECT|20|user|2c|password|20|from|20|mysql|2e|user"
Within:
PCRE:
Special Options: