Versions (3)
Version DetailsCurrent
Rev: 10 • Jul 30, 2010, 12:00 PMET EXPLOIT Pwdump3e Password Hash Retrieval port 139
alert tcp $HOME_NET 139 -> any any (msg:"ET EXPLOIT Pwdump3e Password Hash Retrieval port 139"; flow: from_server,established; content:"|3a 00|5|00|0|00|0|3a|"; classtype:misc-attack; sid:2000568; rev:10; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Jul 30, 2010, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Oct 24, 2025, 9:34 PM
rules/emerging-exploit.rules