alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS SEO Exploit Kit - client exploited"; flow:established,to_server; content:"/exe.php?exp="; http_uri; flowbits:set,et.exploitkitlanding; classtype:bad-unknown; sid:2011813; rev:5;)

Added 2012-01-04 18:21:03 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS SEO Exploit Kit - client exploited"; flow:established,to_server; content:"/exe.php?exp="; http_uri; classtype:bad-unknown; sid:2011813; rev:4;)

Added 2011-10-12 19:32:38 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS SEO Exploit Kit - client exploited"; flow:established,to_server; content:"/exe.php?exp="; http_uri; classtype:bad-unknown; sid:2011813; rev:4;)

Added 2011-03-31 20:32:17 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS SEO Exploit Kit - client exploited by Java"; flow:established,to_server; content:".php?exp=JavaROX"; http_uri; classtype:bad-unknown; sid:2011813; rev:3;)

Added 2011-02-04 17:31:35 UTC


Topic revision: r1 - 2012-01-04 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats