Back to Rule

Rule History

SID: 2013380 • Source: et/open

Versions (2)

Version DetailsCurrent

Rev: 2Aug 10, 2011, 12:00 PM

ET WEB_CLIENT Malicious 1px iframe related to Mass Wordpress Injections

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Malicious 1px iframe related to Mass Wordpress Injections"; flow:established,from_server; content:"/?go=1|22 20|width=|22|1|22 20|height=|22|1|22|></iframe>"; fast_pattern; content:"<html"; nocase; distance:0; classtype:bad-unknown; sid:2013380; rev:2; metadata:affected_product Wordpress, affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2011_08_10, deployment Datacenter, signature_severity Major, tag Wordpress, updated_at 2019_07_26;)

Aug 10, 2011, 12:00 PM

Jul 26, 2019, 12:00 PM

Aug 10, 2011, 12:00 PM

May 31, 2024, 9:00 PM

rules/emerging-web_client.rules