🐾 - 🚨 Curl (Linux) connection to temp.sh - possible upload - Leak 🚱 - Suricata Rule 3300399 (pawpatrules)

🐾 - 🚨 Curl (Linux) connection to temp.sh - possible upload - Leak 🚱

SID: 3300399Rev: 30 views

Sourcepawpatrules

CreatedMarch 4, 2022

UpdatedJune 21, 2023

Classificationbad-unknown

alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"🐾 - 🚨 Curl (Linux) connection to temp.sh - possible upload - Leak 🚱"; flow:to_server, stateless; tls_sni; content:"temp.sh"; nocase; ja3.hash; content:"f436b9416f37d134cadd04886327d3e8"; metadata:created_at 2022_03_04, updated_at 2023_06_21; sid:3300399; rev:3; classtype:bad-unknown;)

Metadata

created at2022_03_04

updated at2023_06_21

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!