alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Metasploit Meterpreter stdapi_* Command Request"; flow:established; content:"|00 01 00 01|stdapi_"; offset:12; depth:11; classtype:successful-user; sid:2014530; rev:4; metadata:affected_product Any, attack_target Client_and_Server, created_at 2012_04_07, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, signature_severity Critical, tag Metasploit, updated_at 2020_08_19;)