ET EXPLOIT Metasploit Plugin-Detect Posting Data 4
Sourceet/open
Fileemerging-exploit.rules
CreatedMarch 26, 2015
UpdatedApril 12, 2024
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT Metasploit Plugin-Detect Posting Data 4"; flow:established,to_server ; http.method; content:"POST"; http.request_body; content:"b3NfbmFtZT"; startswith; fast_pattern; pcre:"/^[A-Za-z0-9+/]{2}(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})$/R" ; reference:url,github.com/rapid7/metasploit-framework/wiki/How-to-write-a-browser-exploit-using-BrowserExploitServer ; classtype:trojan-activity; sid:2020751; rev:4; metadata:affected_product Any, attack_target Client_and_Server, created_at 2015_03_26, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, signature_severity Critical, tag Metasploit, updated_at 2024_04_12;)
References
Metadata
affected productAny
attack targetClient_and_Server
created at2015_03_26
deploymentDatacenter
signature severityCritical
tagMetasploit
updated at2024_04_12
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!