#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"INSERT "; nocase; http_cookie; content:"INTO"; nocase; http_cookie; pcre:"/INSERT.+INTO/Ci"; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; classtype:web-application-attack; sid:2009773; rev:38;)

Added 2011-10-12 19:28:14 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"INSERT "; nocase; http_cookie; content:"INTO"; nocase; http_cookie; pcre:"/INSERT.+INTO/Ci"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; sid:2009773; rev:38;)

Added 2011-09-14 22:41:31 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"INSERT "; nocase; http_cookie; content:"INTO"; nocase; http_cookie; pcre:"/INSERT.+INTO/Ci"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Cookie_SQL_Injection; sid:2009773; rev:38;)

Added 2011-02-04 17:29:09 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT%20"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Cookie_SQL_Injection; sid:2009773; rev:35;)

Added 2009-10-06 14:19:03 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT%20"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Cookie_SQL_Injection; sid:2009773; rev:35;)

Added 2009-10-06 14:19:03 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT%20"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Cookie_SQL_Injection; sid:2009773; rev:3;)

Added 2009-09-14 17:00:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT%20"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Cookie_SQL_Injection; sid:2009773; rev:3;)

Added 2009-09-14 17:00:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT%20"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Cookie_SQL_Injection; sid:2009773; rev:3;)

Added 2009-09-14 16:59:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT%20"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Cookie_SQL_Injection; sid:2009773; rev:3;)

Added 2009-09-14 16:59:37 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Cookie_SQL_Injection; sid:2009773; rev:2;)

Added 2009-08-22 16:45:39 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; reference:url,doc.emergingthreats.net/2009773; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Cookie_SQL_Injection; sid:2009773; rev:2;)

Added 2009-08-22 16:45:39 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB Possible INSERT INTO SQL Injection In Cookie"; flow:to_server,established; content:"|0d 0a|Cookie|3A|"; nocase; content:"INSERT"; nocase; within:200; content:"INTO"; nocase; distance:0; pcre:"/\x0a\x0dCookie\x3a[^\n]INSERT.+INTO/i"; classtype:web-application-attack; reference:url,www.w3schools.com/SQL/sql_insert.asp; reference:url,en.wikipedia.org/wiki/SQL_injection; reference:url,www.owasp.org/index.php/SQL_Injection; sid:2009773; rev:1;)

Added 2009-08-20 14:35:35 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats