alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN JCE Joomla Scanner"; flow:established,to_server; content:"BOT/0.1 (BOT for JCE)"; http_user_agent; depth:21; classtype:web-application-attack; sid:2016032; rev:4; metadata:created_at 2012_12_13, updated_at 2019_10_11;)

Added 2019-10-11 19:56:36 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN JCE Joomla Scanner"; flow:established,to_server; content:"User-Agent|3a| BOT/0.1 (BOT for JCE)"; http_header; classtype:web-application-attack; sid:2016032; rev:3; metadata:created_at 2012_12_13, updated_at 2012_12_13;)

Added 2018-09-13 19:45:59 UTC


Added 2018-09-13 17:57:06 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN JCE Joomla Scanner"; flow:established,to_server; content:"User-Agent|3a| BOT/0.1 (BOT for JCE)"; http_header; classtype:web-application-attack; sid:2016032; rev:3; metadata:created_at 2012_12_13, updated_at 2012_12_13;)

Added 2017-08-07 21:09:41 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN JCE Joomla Scanner"; flow:established,to_server; content:"User-Agent|3a| BOT/0.1 (BOT for JCE)"; http_header; classtype:web-application-attack; sid:2016032; rev:3;)

Added 2014-09-19 17:22:45 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET CURRENT_EVENTS JCE Joomla Scanner"; flow:established,to_server; content:"User-Agent|3a| BOT/0.1 (BOT for JCE)"; http_header; classtype:web-application-attack; sid:2016032; rev:1;)

Added 2012-12-14 14:42:53 UTC


Topic revision: r1 - 2019-10-11 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats