Versions (4)
Version DetailsCurrent
Rev: 2 • Jun 29, 2018, 12:00 PMET EXPLOIT DynoRoot DHCP - Client Command Injection
alert udp any 67 -> any 68 (msg:"ET EXPLOIT DynoRoot DHCP - Client Command Injection"; content:"|02|"; depth:1; content:"|35 01 05 fc|"; distance:0; content:"|2f|bin|2f|sh"; fast_pattern; distance:0; reference:url,exploit-db.com/exploits/44652/; reference:cve,2018-1111; classtype:attempted-admin; sid:2025765; rev:2; metadata:attack_target Networking_Equipment, created_at 2018_06_29, cve CVE_2018_1111, deployment Datacenter, performance_impact Low, confidence Medium, signature_severity Critical, updated_at 2019_07_26, reviewed_at 2024_04_03, mitre_tactic_id TA0008, mitre_tactic_name Lateral_Movement, mitre_technique_id T1210, mitre_technique_name Exploitation_Of_Remote_Services;)
Jun 29, 2018, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-exploit.rules