ET WEB_CLIENT Nikjju Mass Injection Internal WebServer Compromised

7.0.35.0SID: 2014608Rev: 10Disabled1 views
Sourceet/open
Fileemerging-web_client.rules
CreatedApril 17, 2012
UpdatedMarch 13, 2024
Classificationattempted-user
alert http $HOME_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Nikjju Mass Injection Internal WebServer Compromised"; flow:established,to_client; file.data; content:"</title><script src="; nocase; content:"http|3a|//"; nocase; within:8; content:"/r.php"; fast_pattern; within:100; content:"></script>"; distance:1; within:10; classtype:attempted-user; sid:2014608; rev:10; metadata:created_at 2012_04_17, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_13;)

Metadata

created at2012_04_17
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_03_13

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!