Versions (3)
Version DetailsCurrent
Rev: 2 • Jun 13, 2014, 12:00 PMET EXPLOIT_KIT BleedingLife Exploit Kit JAR Exploit Request
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT BleedingLife Exploit Kit JAR Exploit Request"; flow:established,to_server; content:"/modules/"; http_uri; depth:9; content:".jar"; http_uri; distance:1; within:4; pcre:"/^\x2Fmodules\x2F(1|2)\x2Ejar$/U"; reference:url,vrt-blog.snort.org/2014/06/the-never-ending-exploit-kit-shift.html; reference:cve,2011-3544; reference:cve,2012-1723; reference:cve,2013-2465; classtype:exploit-kit; sid:2018564; rev:2; metadata:created_at 2014_06_13, signature_severity Major, updated_at 2019_07_26;)
Jun 13, 2014, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-exploit_kit.rules