Versions (2)
Version DetailsCurrent
Rev: 8 • Sep 26, 2012, 12:00 PMET WEB_SERVER PHPMyAdmin BackDoor Access
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER PHPMyAdmin BackDoor Access"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/server_sync.php?"; fast_pattern; content:"c="; pcre:"/\/server_sync.php\?(?:.+?&)?c=/i"; reference:url,www.phpmyadmin.net/home_page/security/PMASA-2012-5.php; classtype:attempted-admin; sid:2015737; rev:8; metadata:created_at 2012_09_26, signature_severity Major, updated_at 2020_09_25;)
Sep 26, 2012, 12:00 PM
Sep 25, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-web_server.rules