alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Jenkins Script Console Usage (Metasploit Windows CMD Shell)"; http.method; content:"POST"; nocase; http.uri; content:"/script"; nocase; pcre:"/^\/?$/R"; http.request_body; content:"sun.misc.BASE64Decoder"; nocase; content:".decodeBuffer"; nocase; content:"cmd.exe"; fast_pattern; classtype:attempted-user; sid:2016295; rev:8; metadata:affected_product Any, attack_target Client_and_Server, created_at 2013_01_25, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, signature_severity Critical, tag Metasploit, updated_at 2020_04_23;)