#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SHELLCODE Possible Backslash Escaped UTF-16 0c0c Heap Spray"; flow:established,to_client; file_data; content:"|5C|0c0c"; nocase; distance:0; classtype:bad-unknown; sid:2016715; rev:3; metadata:created_at 2013_04_04, former_category SHELLCODE, updated_at 2017_09_08;)

Added 2022-05-19 19:06:17 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SHELLCODE Possible Backslash Escaped UTF-16 0c0c Heap Spray"; flow:established,to_client; file_data; content:"|5C|0c0c"; nocase; distance:0; classtype:bad-unknown; sid:2016715; rev:2; metadata:created_at 2013_04_04, former_category SHELLCODE, updated_at 2017_09_08;)

Added 2021-09-21 19:58:36 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SHELLCODE Possible Backslash Escaped UTF-16 0c0c Heap Spray"; flow:established,to_client; file_data; content:"|5C|0c0c"; nocase; distance:0; classtype:bad-unknown; sid:2016715; rev:2; metadata:created_at 2013_04_03, former_category SHELLCODE, updated_at 2017_09_08;)

Added 2020-08-05 19:09:01 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SHELLCODE Possible Backslash Escaped UTF-16 0c0c Heap Spray"; flow:established,to_client; file_data; content:"|5C|0c0c"; nocase; distance:0; metadata: former_category SHELLCODE; classtype:bad-unknown; sid:2016715; rev:2; metadata:created_at 2013_04_03, updated_at 2017_09_08;)

Added 2018-09-13 19:46:45 UTC


Added 2018-09-13 17:57:32 UTC


#alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SHELLCODE Possible Backslash Escaped UTF-16 0c0c Heap Spray"; flow:established,to_client; file_data; content:"|5C|0c0c"; nocase; distance:0; metadata: former_category SHELLCODE; classtype:bad-unknown; sid:2016715; rev:2; metadata:created_at 2013_04_03, updated_at 2017_09_08;)

Added 2017-09-08 16:25:04 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SHELLCODE Possible Backslash Escaped UTF-16 0c0c Heap Spray"; flow:established,to_client; file_data; content:"|5C|0c0c"; nocase; distance:0; classtype:bad-unknown; sid:2016715; rev:2; metadata:created_at 2013_04_03, updated_at 2013_04_03;)

Added 2017-08-07 21:10:30 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET SHELLCODE Possible Backslash Escaped UTF-16 0c0c Heap Spray"; flow:established,to_client; file_data; content:"|5C|0c0c"; nocase; distance:0; classtype:bad-unknown; sid:2016715; rev:1;)

Added 2013-04-03 21:52:27 UTC


Topic revision: r1 - 2022-05-19 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats