#alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Internal WebServer? Compromised By Lizamoon Mass SQL-Injection Attacks"; flow:established,from_server; content:""; within:100; reference:url,malwaresurvival.net/tag/lizamoon-com/; classtype:web-application-attack; sid:2012614; rev:4;)

Added 2011-12-20 17:12:35 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Internal WebServer? Compromised By Lizamoon Mass SQL-Injection Attacks"; flow:established,from_server; content:""; within:100; reference:url,malwaresurvival.net/tag/lizamoon-com/; classtype:web-application-attack; sid:2012614; rev:4;)

Added 2011-10-12 19:34:47 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Internal WebServer? Compromised By Lizamoon Mass SQL-Injection Attacks"; flow:established,from_server; content:""; within:100; classtype:web-application-attack; reference:url,malwaresurvival.net/tag/lizamoon-com/; sid:2012614; rev:4;)

Added 2011-04-02 15:59:21 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Internal WebServer? Compromised By Lizamoon Mass SQL-Injection Attacks"; flow:established,from_server; content:"script src=http|3a|//lizamoon.com"; nocase; classtype:web-application-attack; reference:url,malwaresurvival.net/tag/lizamoon-com/; sid:2012614; rev:2;)

Added 2011-03-31 20:32:18 UTC


Topic revision: r1 - 2011-12-20 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats