ET ATTACK_RESPONSE Possible /etc/passwd via HTTP (BSD style)

SID: 2003071Rev: 90 views
History
Sourceet/open
CreatedJuly 30, 2010
UpdatedSeptember 27, 2019
Classificationsuccessful-recon-limited
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Possible /etc/passwd via HTTP (BSD style)"; flow:established,from_server; file_data; content:"root|3a|*|3a|0|3a|0|3a|"; nocase; content:"|3a|/root|3a|/bin"; nocase; classtype:successful-recon-limited; sid:2003071; rev:9; metadata:created_at 2010_07_30, confidence Medium, signature_severity Unknown, updated_at 2019_09_27;)

Metadata

created at2010_07_30
confidenceMedium
signature severityUnknown
updated at2019_09_27

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!