[Snort-sigs] HNAP Admin attempts

waldo kitty wkitty42 at ...3507...
Thu Nov 14 15:20:23 EST 2013

On 11/14/2013 3:54 PM, rmkml wrote:
> Hi,
> What you think about this version please ? (removed file_data + added uurilen +
> http_uri + short Authorization)

FWIW: YWRtaW46 decodes from base64 mime to "admin:"... it indicates the 
attempted use of the "admin" account to login with...

NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

More information about the Snort-sigs mailing list