ET WEB_SERVER WebShell Generic - ASP File Uploaded - Suricata Rule 2017260 (et/open)

ET WEB_SERVER WebShell Generic - ASP File Uploaded

SID: 2017260Rev: 123 viewsHistory

Sourceet/open

CreatedJuly 31, 2013

UpdatedApril 24, 2020

Classificationtrojan-activity

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER WebShell Generic - ASP File Uploaded"; flow:established,to_server; http.request_body; content:"|0D 0A|"; content:"<%"; within:5; fast_pattern; content:"%>"; distance:0; pcre:"/<%[\x00-\x7f]{20}/"; classtype:trojan-activity; sid:2017260; rev:12; metadata:created_at 2013_07_31, confidence Medium, signature_severity Major, updated_at 2020_04_24;)

Metadata

created at2013_07_31

confidenceMedium

signature severityMajor

updated at2020_04_24

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!