[Snort-sigs] HNAP Admin attempts
wkitty42 at ...3507...
Thu Nov 14 15:20:23 EST 2013
On 11/14/2013 3:54 PM, rmkml wrote:
> What you think about this version please ? (removed file_data + added uurilen +
> http_uri + short Authorization)
FWIW: YWRtaW46 decodes from base64 mime to "admin:"... it indicates the
attempted use of the "admin" account to login with...
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-sigs