EditAttachPrintable
r1 - 13 Dec 2007 - 05:31:05 - TWikiGuestYou are here: TWiki >  Main Web > 2007705

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"BLEEDING-EDGE WEB Neosploit 1.5.x URL Loader"; flow:to_server,established; content:"GET "; depth:4; nocase; pcre:"/\?u\d_\d_\d{3,4}_\d_\d_\d{10}_\d{10}_\d{9,10}[_\da-z]{0,9}$/Ui"; classtype:web-application-attack; sid:2007705; rev:1; )

Added 2007-12-13 05:31:05 UTC

 

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r1 | More topic actions
Main

 
Docs at Bleeding Threats
This site is powered by the TWiki collaboration platformCopyright © Bleeding Edge Threats.
Ideas, requests, problems regarding TWiki? Send feedback