ET WEB_SERVER HTTP Request to a *.e5b57288.com domain - Anuna Checkin - Compromised PHP Site
Sourceet/open
Fileemerging-web_server.rules
CreatedSeptember 15, 2016
UpdatedMarch 7, 2024
Classificationbad-unknown
alert http $HTTP_SERVERS any -> $EXTERNAL_NET any (msg:"ET WEB_SERVER HTTP Request to a *.e5b57288.com domain - Anuna Checkin - Compromised PHP Site"; flow:established,to_server ; http.header; content:"e5b57288.com"; fast_pattern; reference:url,www.symantec.com/security_response/writeup.jsp?docid=2015-111911-4342-99&tabid=2 ; reference:url,security.stackexchange.com/questions/47253/hacked-site-encrypted-code ; classtype:bad-unknown; sid:2023233; rev:5; metadata:affected_product Apache_HTTP_server, affected_product PHP, attack_target Web_Server, created_at 2016_09_15, deployment Datacenter, signature_severity Critical, updated_at 2024_03_07;)
References
Metadata
affected productPHP
attack targetWeb_Server
created at2016_09_15
deploymentDatacenter
signature severityCritical
updated at2024_03_07
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!