ET ATTACK_RESPONSE Metasploit Meterpreter Process Migration Detected

7.0.35.0SID: 2009561Rev: 3Disabled1 views
Sourceet/open
Fileemerging-attack_response.rules
CreatedJuly 30, 2010
UpdatedMarch 6, 2024
Classificationsuccessful-user
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ATTACK_RESPONSE Metasploit Meterpreter Process Migration Detected"; flow:established,to_client; content:"core_migrate"; depth:60; reference:url,www.nologin.org/Downloads/Papers/meterpreter.pdf; classtype:successful-user; sid:2009561; rev:3; metadata:affected_product Any, attack_target Client_and_Server, created_at 2010_07_30, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, signature_severity Critical, tag Metasploit, updated_at 2024_03_06;)

Metadata

affected productAny
attack targetClient_and_Server
created at2010_07_30
deploymentDatacenter
signature severityCritical
tagMetasploit
updated at2024_03_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!