Rule History

SID: 2022015 • Source: et/open

Versions (3)

Version DetailsCurrent

Rev: 4 • Nov 2, 2015, 12:00 PM

Message:

ET WEB_SPECIFIC_APPS Reversed Pastebin Injection in Magento DB 2

Rule:

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET WEB_SPECIFIC_APPS Reversed Pastebin Injection in Magento DB 2"; flow:established,from_server; file_data; content:"<script"; content:"ptth|22|=crs tpircs"; fast_pattern; content:".reverse("; reference:url,labs.sucuri.net/?note=2015-11-02; classtype:web-application-attack; sid:2022015; rev:4; metadata:created_at 2015_11_02, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_10_08;)

Created:

Nov 2, 2015, 12:00 PM

Updated:

Oct 8, 2019, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

Dec 12, 2025, 10:34 PM

Filename:

rules/emerging-web_specific_apps.rules