alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Metasploit Browser Exploit Server Plugin Detect"; flow:from_server,established; file_data; content:"misc_addons_detect.hasSilverlight"; classtype:trojan-activity; sid:2017810; rev:3; metadata:affected_product Any, attack_target Client_and_Server, created_at 2013_12_06, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, signature_severity Critical, tag Metasploit, updated_at 2019_07_26;)