ET WEB_SERVER Possible WebLogic Admin Login With Default Creds

SID: 2017803Rev: 50 views
History
Sourceet/open
CreatedDecember 6, 2013
UpdatedApril 27, 2020
Classificationattempted-admin
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER Possible WebLogic Admin Login With Default Creds"; flow:to_server,established; http.method; content:"POST"; nocase; http.uri; content:"/console/j_security_check"; nocase; http.request_body; content:"j_username=system"; nocase; content:"j_password=Passw0rd"; reference:url,media.blackhat.com/us-13/US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-Slides.pdf; classtype:attempted-admin; sid:2017803; rev:5; metadata:created_at 2013_12_06, confidence Medium, signature_severity Major, updated_at 2020_04_27;)

References

urlmedia.blackhat.com/us-13/US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-Slides.pdf

Metadata

created at2013_12_06
confidenceMedium
signature severityMajor
updated at2020_04_27

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!