ET EXPLOIT HTTP POST with Common Ruby RCE Technique in Body

SID: 2063425Rev: 11 views
Sourceet/open
CreatedJuly 13, 2025
UpdatedJuly 13, 2025
Classificationattempted-admin
alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT HTTP POST with Common Ruby RCE Technique in Body"; flow:established,to_server; http.method; content:"POST"; http.request_body; content:"|3b|"; content:"system.exec|28|"; nocase; fast_pattern; classtype:attempted-admin; sid:2063425; rev:1; metadata:created_at 2025_07_13, signature_severity Unknown, updated_at 2025_07_13;)

Metadata

created at2025_07_13
signature severityUnknown
updated at2025_07_13

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!