alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET INFO Potential Common Malicious JavaScript Loop"; flow:established,to_client; content:"for("; content:"|3B|"; within:20; content:">=0|3B|"; fast_pattern; within:10; content:"--)"; within:10; pcre:"/for\x28[^\x3D\r\n]*[0-9]{1,6}\x2D[0-9]{1,5}\x3B[^\x3D\r\n]\x3E\x3D0\x3B[^\x29\r\n]\x2D\x2D\x29/"; classtype:bad-unknown; sid:2015045; rev:5; metadata:created_at 2012_07_07, performance_impact Significant, confidence High, signature_severity Informational, updated_at 2024_04_08;)