ET INFO Observed testcookie-nginx-module

SID: 2035554Rev: 30 views
History
Sourceet/open
CreatedMarch 21, 2022
UpdatedApril 28, 2023
Classificationmisc-activity
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET INFO Observed testcookie-nginx-module"; flow:established,to_client; http.stat_code; content:"200"; bsize:3; http.server; content:"nginx"; depth:5; file.data; content:"toNumbers"; content:"d.replace"; distance:30; content:"e.push(parseInt"; distance:30; content:"toHex"; distance:200; content:"e.toLowerCase"; distance:0; content:"toNumbers"; distance:20; content:"toNumbers"; distance:0; content:"toNumbers"; distance:0; content:"toHex(slowAES.decrypt"; distance:100; content:"<noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript>"; fast_pattern; distance:100; reference:url,github.com/kyprizel/testcookie-nginx-module; classtype:misc-activity; sid:2035554; rev:3; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2022_03_21, deployment Perimeter, confidence High, signature_severity Informational, updated_at 2023_04_28, reviewed_at 2024_10_15;)

References

urlgithub.com/kyprizel/testcookie-nginx-module

Metadata

affected productWindows_XP_Vista_7_8_10_Server_32_64_Bit
attack targetClient_Endpoint
created at2022_03_21
deploymentPerimeter
confidenceHigh
signature severityInformational
updated at2023_04_28
reviewed at2024_10_15

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!