""ET WEB_SERVER Joomla Upload File Filter Bypass""
SID: 2017327
Revision: 1
Class Type: attempted-user
Metadata: created_at 2013_08_14, updated_at 2013_08_14
Reference:
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HTTP_SERVERS
Destination Port: $HTTP_PORTS
Flow: established,to_server
Contents:
-
Value: "option=com_media"
-
Value: "Filedata[]"
Within:
PCRE: "/filename[\r\n\s]?=[\r\n\s]?[\x22\x27]?[^\r\n\x22\x27\x3b]+?.[\r\n\x3b\x22\x27]/Pi"
Special Options:
-
http_uri
-
nocase
-
http_client_body
-
nocase