Versions (3)
Version DetailsCurrent
Rev: 3 • Jan 6, 2015, 12:00 PMET EXPLOIT Possible Misfortune Cookie RomPager Server banner
alert http any [$HTTP_PORTS,7547] -> any any (msg:"ET EXPLOIT Possible Misfortune Cookie RomPager Server banner"; flow:established,from_server; flowbits:isset,ET.Misfortune_Cookie; http.server; content:"RomPager"; nocase; startswith; reference:url,mis.fortunecook.ie/too-many-cooks-exploiting-tr069_tal-oppenheim_31c3.pdf; classtype:trojan-activity; sid:2020101; rev:3; metadata:created_at 2015_01_06, confidence Medium, signature_severity Major, updated_at 2020_05_14;)
Jan 6, 2015, 12:00 PM
May 14, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-exploit.rules