ET EXPLOIT REDIS Attemted SSH Authorized Key Writing Attempt

SID: 2023511Rev: 10 views
Sourceet/open
CreatedNovember 15, 2016
UpdatedJuly 26, 2019
Classificationattempted-admin
alert tcp $EXTERNAL_NET any -> $HOME_NET 6379 (msg:"ET EXPLOIT REDIS Attemted SSH Authorized Key Writing Attempt"; flow:established,to_server; content:"*"; depth:1; content:"config"; content:"set"; distance:0; content:"|0D 0A|dbfilename|0D 0A|"; distance:0; content:"|0D 0A|authorized_keys|0D 0A|"; distance:0; reference:url,antirez.com/news/96; classtype:attempted-admin; sid:2023511; rev:1; metadata:attack_target Client_Endpoint, created_at 2016_11_15, deployment Datacenter, signature_severity Major, tag SCAN_Redis_SSH, updated_at 2019_07_26;)

References

urlantirez.com/news/96

Metadata

attack targetClient_Endpoint
created at2016_11_15
deploymentDatacenter
signature severityMajor
tagSCAN_Redis_SSH
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!