Snort mailing list archives
Re: HNAP Admin attempts
From: James Lay <jlay () slave-tothe-box net>
Date: Thu, 14 Nov 2013 14:00:08 -0700
On 2013-11-14 13:35, Y M wrote:
In this case base64_decode can help: http://manual.snort.org/node32.html#SECTION004526000000000000000 [1]Date: Thu, 14 Nov 2013 15:20:23 -0500 From: wkitty42 () windstream net To: snort-sigs () lists sourceforge net Subject: Re: [Snort-sigs] HNAP Admin attempts On 11/14/2013 3:54 PM, rmkml wrote:Hi, What you think about this version please ? (removed file_data +added uurilen +http_uri + short Authorization)FWIW: YWRtaW46 decodes from base64 mime to "admin:"... it indicatestheattempted use of the "admin" account to login with... -- NOTE: No off-list assistance is given without prior approval. Please keep mailing list traffic on the list unless private contact is specifically requested and granted.
Thanks for the responses all...and that looks good RM :) James ------------------------------------------------------------------------------ DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access Free app hosting. Or install the open source package on any LAMP server. Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native! http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- HNAP Admin attempts James Lay (Nov 14)
- Re: HNAP Admin attempts lists () packetmail net (Nov 14)
- Re: HNAP Admin attempts James Lay (Nov 14)
- Re: HNAP Admin attempts Carlos Pacho (Nov 14)
- Re: HNAP Admin attempts rmkml (Nov 14)
- Re: HNAP Admin attempts waldo kitty (Nov 14)
- Re: HNAP Admin attempts Y M (Nov 14)
- Re: HNAP Admin attempts James Lay (Nov 14)
- Re: HNAP Admin attempts James Lay (Nov 14)
- Re: HNAP Admin attempts lists () packetmail net (Nov 14)