Versions (5)
Version DetailsCurrent
Rev: 2 • Oct 2, 2020, 12:00 PMET EXPLOIT [401TRG] HPDM Backdoor Login
alert tcp any any -> $HOME_NET 40006 (msg:"ET EXPLOIT [401TRG] HPDM Backdoor Login"; flow:established,to_server; content:"user|00|dm_postgres|00|database|00|hpdmdb|00|"; fast_pattern; reference:url,twitter.com/nickstadb/status/1310853783765815297; classtype:attempted-admin; sid:2030961; rev:2; metadata:created_at 2020_10_02, performance_impact Low, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_10_02;)
Oct 2, 2020, 12:00 PM
Oct 2, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 16, 2025, 8:36 PM
rules/emerging-exploit.rules