alert http any any -> $HOME_NET any (msg:"ET EXPLOIT AirLive? RCI HTTP Request"; flow:to_server,established; content:"GET"; http_method; content:"/cgi_test.cgi?write_"; http_uri; fast_pattern; pcre:"/\?write_(?:m(?:ac|sn)|hdv|pid|tan)&[^&]*\x3b/Ui"; reference:url,packetstormsecurity.com/files/132585/CORE-2015-0012.txt; classtype:attempted-admin; sid:2021408; rev:3; metadata:created_at 2015_07_13, updated_at 2019_10_07;)

Added 2019-10-08 19:34:30 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT AirLive? RCI HTTP Request"; flow:to_server,established; content:"GET"; http_method; content:"/cgi_test.cgi?write_"; http_uri; fast_pattern:only; pcre:"/\?write_(?:m(?:ac|sn)|hdv|pid|tan)&[^&]*\x3b/Ui"; reference:url,packetstormsecurity.com/files/132585/CORE-2015-0012.txt; classtype:attempted-admin; sid:2021408; rev:2; metadata:created_at 2015_07_13, updated_at 2015_07_13;)

Added 2018-09-13 19:51:26 UTC


Added 2018-09-13 18:00:13 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT AirLive? RCI HTTP Request"; flow:to_server,established; content:"GET"; http_method; content:"/cgi_test.cgi?write_"; http_uri; fast_pattern:only; pcre:"/\?write_(?:m(?:ac|sn)|hdv|pid|tan)&[^&]*\x3b/Ui"; reference:url,packetstormsecurity.com/files/132585/CORE-2015-0012.txt; classtype:attempted-admin; sid:2021408; rev:2; metadata:created_at 2015_07_13, updated_at 2015_07_13;)

Added 2017-08-07 21:16:07 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT AirLive? RCI HTTP Request"; flow:to_server,established; content:"GET"; http_method; content:"/cgi_test.cgi?write_"; http_uri; fast_pattern:only; pcre:"/\?write_(?:m(?:ac|sn)|hdv|pid|tan)&[^&]*\x3b/Ui"; reference:url,packetstormsecurity.com/files/132585/CORE-2015-0012.txt; classtype:attempted-admin; sid:2021408; rev:2;)

Added 2015-07-13 18:54:25 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats