
Rule History

SID: 3300341 • Source: pawpatrules

Versions (2)

Version Details (Current)

Rev: 4 • Oct 25, 2020, 12:00 PM

⚠ LDAP password ➡ sent in clear text 👀 - Leak 🚱

alert tcp any any -> any 389 (msg:"⚠ LDAP password ➡ sent in clear text 👀 - Leak 🚱"; flow:established, to_server, no_stream; threshold:type limit, track by_src,count 1, seconds 3600; content:"|30|"; depth:1; content:"|02 01|"; fast_pattern; distance:1; within:2; content:"|60|"; distance:1; within:1; content:"|02 01|"; distance:1; within:2; content:"|04|"; distance:1; within:1; byte_jump:1, 0, relative; content:"|80|"; within:1; content:!"|00|"; within:1; reference:url,https://github.com/ptresearch/AttackDetection/blob/master/policy/policy.rules; sid:3300341; metadata:created_at 2020_10_25, updated_at 2026_05_17; rev:4; classtype:policy-violation;)

Oct 25, 2020, 12:00 PM

May 17, 2026, 12:00 PM

Feb 21, 2024, 4:00 PM

May 17, 2026, 9:35 PM

rules/PAW-PATRULES_LEAKS.rules