![[Silicon Defense logo]](../SDlogo.gif)
|
SnortSnarf signature pageSERVER-WEBAPP PHPUnit PHP remote code execution attemptSnortSnarf v021111.1 |
| Signature section (933) | Top 20 source IPs | Top 20 dest IPs |
152 alerts with this signature using input module SnortFileInput, with sources:
Earliest such alert at 21:03:50.792744 on 10/31/2020
Latest such alert at 19:30:23.473400 on 09/26/2021
| SERVER-WEBAPP PHPUnit PHP remote code execution attempt | 24 sources | 1 destinations |
| Priority: 1 | Classification: Web Application Attack | |
| [sid:45749] [CVE:2017-9841] | ||
| Source | # Alerts (sig) | # Alerts (total) | # Dsts (sig) | # Dsts (total) |
| 104.131.29.93 | 28 | 28 | 1 | 1 |
| 52.247.113.177 | 27 | 27 | 1 | 1 |
| 118.27.32.69 | 25 | 25 | 1 | 1 |
| 161.35.143.115 | 24 | 24 | 1 | 1 |
| 159.89.43.50 | 24 | 24 | 1 | 1 |
| 207.154.208.76 | 4 | 4 | 1 | 1 |
| 45.88.12.168 | 2 | 2 | 1 | 1 |
| 185.204.1.217 | 2 | 2 | 1 | 1 |
| 192.228.100.98 | 1 | 1 | 1 | 1 |
| 18.237.205.164 | 1 | 1 | 1 | 1 |
| 164.100.125.71 | 1 | 1 | 1 | 1 |
| 47.52.255.202 | 1 | 1 | 1 | 1 |
| 94.191.110.200 | 1 | 3 | 1 | 1 |
| 31.210.20.56 | 1 | 1 | 1 | 1 |
| 94.191.75.145 | 1 | 1 | 1 | 1 |
| 194.146.50.194 | 1 | 1 | 1 | 1 |
| 93.190.217.98 | 1 | 1 | 1 | 1 |
| 119.29.148.168 | 1 | 3 | 1 | 1 |
| 35.247.157.158 | 1 | 1 | 1 | 1 |
| 128.199.46.178 | 1 | 1 | 1 | 1 |
| 13.78.126.105 | 1 | 1 | 1 | 1 |
| 111.231.203.129 | 1 | 1 | 1 | 1 |
| 82.146.39.47 | 1 | 1 | 1 | 1 |
| 137.135.113.145 | 1 | 1 | 1 | 1 |
| Destinations | # Alerts (sig) | # Alerts (total) | # Srcs (sig) | # Srcs (total) |
| 192.168.0.38 | 152 | 929 | 24 | 557 |