ET WEB_CLIENT Fake 404 With Hidden Login Form
Sourceet/open
Fileemerging-web_client.rules
CreatedJuly 19, 2018
UpdatedApril 13, 2024
Classificationtrojan-activity
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Fake 404 With Hidden Login Form"; flow:established,to_client ; http.stat_code; content:"200"; file.data; content:"<title>404 Not Found</title>"; fast_pattern; startswith; content:"background-color|3a 23|fff|3b|"; distance:0; content:"<form method=post>"; distance:0; content:"input type=password"; within:50; classtype:trojan-activity; sid:2025872; rev:5; metadata:attack_target Client_and_Server, created_at 2018_07_19, deployment Perimeter, performance_impact Low, signature_severity Major, updated_at 2024_04_13;)
Metadata
attack targetClient_and_Server
created at2018_07_19
deploymentPerimeter
performance impactLow
signature severityMajor
updated at2024_04_13
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!