Versions (4)
Version DetailsCurrent
Rev: 5 • Apr 1, 2011, 12:00 PMET WEB_SERVER Internal WebServer Compromised By Lizamoon Mass SQL-Injection Attacks
alert http $HTTP_SERVERS any -> $EXTERNAL_NET any (msg:"ET WEB_SERVER Internal WebServer Compromised By Lizamoon Mass SQL-Injection Attacks"; flow:established,from_server; content:"</title><script src=http|3a|//"; nocase; content:"/ur.php></script>"; within:100; reference:url,malwaresurvival.net/tag/lizamoon-com/; classtype:web-application-attack; sid:2012614; rev:5; metadata:created_at 2011_04_01, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Apr 1, 2011, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 30, 2025, 9:36 PM
rules/emerging-web_server.rules