ET EXPLOIT Possible Misfortune Cookie - SET
Sourceet/open
Fileemerging-exploit.rules
CreatedJanuary 6, 2015
UpdatedJune 3, 2024
Classificationtrojan-activity
alert http any any -> any [$HTTP_PORTS,7547] (msg:"ET EXPLOIT Possible Misfortune Cookie - SET"; flow:established,to_server ; flowbits:set,ET.Misfortune_Cookie ; flowbits:noalert; http.header.raw; header_lowercase; content:"cookie|3a 20|C"; nocase; pcre:"/^[0-9][^=]/R"; reference:url,mis.fortunecook.ie/too-many-cooks-exploiting-tr069_tal-oppenheim_31c3.pdf ; classtype:trojan-activity; sid:2020100; rev:5; metadata:created_at 2015_01_06, performance_impact Significant, confidence Medium, signature_severity Major, updated_at 2024_06_03;)
Metadata
created at2015_01_06
performance impactSignificant
confidenceMedium
signature severityMajor
updated at2024_06_03
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!