ET EXPLOIT_KIT EITest Flash Redirect Aug 09 2016

SID: 2023036Rev: 50 views
Sourceet/open
CreatedAugust 10, 2016
UpdatedMarch 2, 2024
Classificationexploit-kit
alert tcp $HOME_NET any -> [85.93.0.0/24,194.165.16.0/24,31.184.192.0/24] 80 (msg:"ET EXPLOIT_KIT EITest Flash Redirect Aug 09 2016"; flow:established,to_server; urilen:>20; http.uri; content:!".swf"; nocase; content:!".flv"; nocase; content:!"/crossdomain.xml"; http.header; content:!"/crossdomain.xml"; content:!".swf"; nocase; content:!".flv"; nocase; content:!"[DYNAMIC]"; http.header_names; content:!"|0d 0a|Cookie|0d 0a|"; content:"|0d 0a|x-flash-version|0d 0a|"; fast_pattern; classtype:exploit-kit; sid:2023036; rev:5; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2016_08_10, deployment Perimeter, performance_impact Low, signature_severity Major, tag Redirector, updated_at 2024_03_02;)

Metadata

affected productWindows_XP_Vista_7_8_10_Server_32_64_Bit
attack targetClient_Endpoint
created at2016_08_10
deploymentPerimeter
performance impactLow
signature severityMajor
tagRedirector
updated at2024_03_02

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!