ET DELETED Blackhole Exploit Kit Landing Page Redirect.php Port 8080 Request

SID: 2015047Rev: 40 views
History
Sourceet/open
CreatedJuly 7, 2012
UpdatedJune 23, 2021
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Blackhole Exploit Kit Landing Page Redirect.php Port 8080 Request"; flow:established,to_server; content:"/redirect.php?d="; fast_pattern:only; http_uri; content:"|3A|8080|0D 0A|"; http_header; pcre:"/\x2Fredirect\x2Ephp\x3Fd\x3D[0-9a-f]{8}$/U"; classtype:exploit-kit; sid:2015047; rev:4; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2012_07_07, deployment Perimeter, malware_family Blackhole, signature_severity Critical, tag Blackhole, tag Exploit_Kit, updated_at 2021_06_23;)

Metadata

affected productWindows_XP_Vista_7_8_10_Server_32_64_Bit
attack targetClient_Endpoint
created at2012_07_07
deploymentPerimeter
malware familyBlackhole
signature severityCritical
tagExploit_Kit
updated at2021_06_23

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!