POLICY [PTsecurity] LDAP Cleartext credentials exposure

SID: 10002317Rev: 20 views
Sourceptresearch/attackdetection
CreatedDecember 13, 2021
UpdatedDecember 13, 2021
Classificationsuccessful-recon-limited
alert tcp any any -> any 389 (msg:"POLICY [PTsecurity] LDAP Cleartext credentials exposure"; flow:established, to_server, no_stream; content:"|30|"; depth:1; content:"|02 01|"; distance:1; within:2; content:"|60|"; distance:1; within:1; content:"|02 01|"; distance:1; within:2; content:"|04|"; distance:1; within:1; byte_jump:1, 0, relative; content:"|80|"; within:1; content:!"|00|"; within:1; reference:url, github.com/ptresearch/AttackDetection; classtype:successful-recon-limited; sid:10002317; rev:2;)

References

urlgithub.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!