Versions (2)
Version DetailsCurrent
Rev: 3 • Jun 27, 2018, 12:00 PMET WEB_SPECIFIC_APPS Blind Server-Side Request Forgery
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Blind Server-Side Request Forgery"; flow:established,to_server; http.uri; content:"/xmlrpc/pingback"; endswith; http.request_body; content:"<methodCall>"; content:"<methodName>pingback.ping</methodName>"; fast_pattern; content:"<value>http://"; content:"<value>http://"; distance:0; reference:url,exploit-db.com/raw/44945/; classtype:attempted-user; sid:2025759; rev:3; metadata:attack_target Client_Endpoint, created_at 2018_06_27, deployment Perimeter, performance_impact Low, signature_severity Major, updated_at 2020_09_16;)
Jun 27, 2018, 12:00 PM
Sep 16, 2020, 12:00 PM
Jun 27, 2018, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-web_specific_apps.rules