alert http any any -> $HOME_NET 8080 (msg:"ET EXPLOIT Linksys Router Unauthenticated Remote Code Execution"; flow:to_server,established; content:"POST"; http_method; content:".cgi"; http_uri; nocase; content:"%74%74%63%70%5f%69%70%3d%2d%68%20%60"; http_client_body; fast_pattern; content:"Authorization|3a 20|Basic"; http_header; reference:url,sans.org/reading-room/whitepapers/malicious/analyzing-backdoor-bot-mips-platform-35902; classtype:attempted-user; sid:2022758; rev:3; metadata:created_at 2016_04_25, updated_at 2019_10_07;)

Added 2019-10-08 19:34:37 UTC


alert http any any -> $HOME_NET 8080 (msg:"ET EXPLOIT Linksys Router Unauthenticated Remote Code Execution"; flow:to_server,established; content:"POST"; http_method; content:".cgi"; http_uri; nocase; content:"%74%74%63%70%5f%69%70%3d%2d%68%20%60"; http_client_body; fast_pattern:only; content:"Authorization|3a| Basic"; http_header; reference:url,sans.org/reading-room/whitepapers/malicious/analyzing-backdoor-bot-mips-platform-35902; classtype:attempted-user; sid:2022758; rev:2; metadata:created_at 2016_04_25, updated_at 2016_04_25;)

Added 2018-09-13 19:52:31 UTC


Added 2018-09-13 18:00:53 UTC


alert http any any -> $HOME_NET 8080 (msg:"ET EXPLOIT Linksys Router Unauthenticated Remote Code Execution"; flow:to_server,established; content:"POST"; http_method; content:".cgi"; http_uri; nocase; content:"%74%74%63%70%5f%69%70%3d%2d%68%20%60"; http_client_body; fast_pattern:only; content:"Authorization|3a| Basic"; http_header; reference:url,sans.org/reading-room/whitepapers/malicious/analyzing-backdoor-bot-mips-platform-35902; classtype:attempted-user; sid:2022758; rev:2; metadata:created_at 2016_04_25, updated_at 2016_04_25;)

Added 2017-08-07 21:17:43 UTC


alert http any any -> $HOME_NET 8080 (msg:"ET EXPLOIT Linksys Router Unauthenticated Remote Code Execution"; flow:to_server,established; content:"POST"; http_method; content:".cgi"; http_uri; nocase; content:"%74%74%63%70%5f%69%70%3d%2d%68%20%60"; http_client_body; fast_pattern:only; content:"Authorization|3a| Basic"; http_header; reference:url,sans.org/reading-room/whitepapers/malicious/analyzing-backdoor-bot-mips-platform-35902; classtype:attempted-user; sid:2022758; rev:2;)

Added 2016-04-25 18:11:18 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats