ET WEB_CLIENT Fake 404 With Hidden Login Form

SID: 2025872Rev: 30 viewsHistory

Sourceet/open

CreatedJuly 19, 2018

UpdatedNovember 18, 2020

Classificationtrojan-activity

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Fake 404 With Hidden Login Form"; flow:established,from_server; http.stat_code; content:"200"; file.data; content:"<title>404 Not Found</title>"; fast_pattern; depth:28; content:"background-color|3a 23|fff|3b|"; distance:0; content:"<form method=post>"; distance:0; content:"input type=password"; within:50; classtype:trojan-activity; sid:2025872; rev:3; metadata:attack_target Client_and_Server, created_at 2018_07_19, deployment Perimeter, performance_impact Low, signature_severity Major, updated_at 2020_11_18;)

Metadata

attack targetClient_and_Server

created at2018_07_19

deploymentPerimeter

performance impactLow

signature severityMajor

updated at2020_11_18

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!