Versions (3)
Version DetailsCurrent
Rev: 2 • Sep 29, 2014, 12:00 PMET MALWARE Linux/ShellshockCampaign.DDOSBot Execute Shell Command CnC Server Message
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Linux/ShellshockCampaign.DDOSBot Execute Shell Command CnC Server Message"; flow:established,to_client; content:"! SH"; depth:4; pcre:"/^[^\r\n]+?\n$/R"; reference:url,research.zscaler.com/2014/09/shellshock-attacks-spotted-in-wild.html; reference:cve,2014-6271; classtype:command-and-control; sid:2019298; rev:2; metadata:created_at 2014_09_29, cve CVE_2014_6271, signature_severity Major, updated_at 2019_07_26;)
Sep 29, 2014, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 29, 2014, 12:00 PM
Sep 10, 2024, 1:01 PM
rules/emerging-malware.rules