Versions (5)
Version DetailsCurrent
Rev: 4 • Dec 13, 2013, 12:00 PMET ATTACK_RESPONSE PHP script in OptimizePress Upload Directory Possible WebShell Access
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET ATTACK_RESPONSE PHP script in OptimizePress Upload Directory Possible WebShell Access"; flow:to_server,established; http.uri; content:"/wp-content/uploads/optpress/images_"; fast_pattern; content:".php"; pcre:"/\/wp-content\/uploads\/optpress\/images\_(?:comingsoon|lncthumbs|optbuttons)\/.*?\.php/i"; reference:url,blog.sucuri.net/2013/12/wordpress-optimizepress-theme-file-upload-vulnerability.html; classtype:attempted-admin; sid:2017854; rev:4; metadata:created_at 2013_12_13, confidence Medium, signature_severity Minor, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_08_18;)
Dec 13, 2013, 12:00 PM
Aug 18, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 30, 2025, 9:36 PM
rules/emerging-attack_response.rules