alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection Attempt char() Danmec related"; flow:established,to_server; content:"CHAR("; http_uri; nocase; pcre:"/CHAR\([0-9]{2,3}\)char\([^\x0d\x0a\x20]{98}/Ui"; classtype:attempted-admin; sid:2014352; rev:2;)

Added 2013-05-02 22:17:00 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Possible SQL Injection Attempt char() Danmec related"; flow:established,to_server; content:"CHAR("; http_uri; nocase; pcre:"/CHAR\([0-9]{2,3}\)char\([^\x0d\x0a\x20]{98,}/Ui"; classtype:attempted-admin; sid:2014352; rev:1;)

Added 2012-03-09 16:28:49 UTC


Topic revision: r1 - 2013-05-03 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats