ET EXPLOIT_KIT CritXPack Landing Pattern
Sourceet/open
CreatedDecember 8, 2012
UpdatedSeptember 18, 2020
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT CritXPack Landing Pattern"; flow:established,to_server; http.uri; content:"/i.php?token="; fast_pattern; nocase; pcre:"/\/i.php?token=[a-z0-9]+$/i"; classtype:exploit-kit; sid:2015998; rev:5; metadata:created_at 2012_12_08, signature_severity Major, updated_at 2020_09_18;)
Metadata
created at2012_12_08
signature severityMajor
updated at2020_09_18
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!