ET WEB_SERVER HTTP POST Generic eval of base64_decode

7.0.35.0SID: 2019182Rev: 5Enabled3 views
Sourceet/open
Fileemerging-web_server.rules
CreatedSeptember 16, 2014
UpdatedApril 7, 2024
Classificationtrojan-activity
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER HTTP POST Generic eval of base64_decode"; flow:established,to_server; http.request_body; content:"base64_decode"; nocase; fast_pattern; content:"eval"; nocase; pcre:"/^[\r\n\s]*?\x28[\r\n\s]*?base64_decode/Rsi"; classtype:trojan-activity; sid:2019182; rev:5; metadata:created_at 2014_09_16, confidence Medium, signature_severity Major, updated_at 2024_04_07;)

Metadata

created at2014_09_16
confidenceMedium
signature severityMajor
updated at2024_04_07

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!