ATTACK [PTsecurity] DHCP Client Script WPAD option Exploit (CVE-2018-1111)

SID: 10002975Rev: 129 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert udp any 67 -> any 68 (msg:"ATTACK [PTsecurity] DHCP Client Script WPAD option Exploit (CVE-2018-1111)"; content:"|63 82 53 63|"; fast_pattern; content:"|FC|"; distance:0; byte_extract:1, 0, length, relative; content:"'"; within:length; pcre:"/^[\x20-\x7E]+(sh|nc|wget|curl|echo|cat|id|uname)/Ri"; reference:cve, 2018-1111; reference:url, dynoroot.ninja; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10002975; rev:1;)

References

cve2018-1111
urldynoroot.ninja
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!