ATTACK [PTsecurity] GitHub Electron <1.8.2-beta.4, <1.7.11, <1.6.16 protocol handler RCE (CVE-2018-1000006)

SID: 10002501Rev: 30 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert http any any -> $HOME_NET any (msg:"ATTACK [PTsecurity] GitHub Electron <1.8.2-beta.4, <1.7.11, <1.6.16 protocol handler RCE (CVE-2018-1000006)"; flow:established, from_server; content:"://"; content:"-cmd-prefix="; nocase; pcre:"/(powershell|cmd|python|bash|\.exe)/i"; reference:cve, 2018-1000006; reference:url, electronjs.org/blog/protocol-handler-fix; classtype:attempted-admin; reference:url, github.com/ptresearch/AttackDetection; sid:10002501; rev:3;)

References

cve	2018-1000006
url	electronjs.org/blog/protocol-handler-fix
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!