
📄 web-cgi.rules

📁 入侵检测系统.linux下与MySql连用的例子
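# web-cgi.rules -- Snort signatures for requests to CGI programs (sids 853-902 in this listing).
#
# Layout: one rule per line. Snort reads a rule from a single logical line, so a
# rule that is run together with its neighbour or wrapped in the middle will not load.
#
# How to read these rules:
#   * $EXTERNAL_NET and $HTTP_SERVERS are variables defined outside this file.
#   * Only TCP port 80 is inspected; web servers listening on other ports are not covered.
#   * "flags: A+" matches any segment with ACK set (other flags allowed). It is a
#     stateless check and does not prove an established session. Where the deployed
#     Snort version offers stream-aware matching (flow:to_server,established),
#     prefer it -- TODO confirm against the engine version in use.
#   * uricontent is a substring match on the request URI; "nocase" makes it
#     case-insensitive. Short strings such as "/csh", "/rsh", "/redirect",
#     "/calendar" or "/admin.pl" will also hit unrelated URLs that contain them,
#     so expect false positives and tune per site.
#   * Nearly every rule is classtype attempted-recon: it records that a known
#     CGI path was requested, not that the request succeeded. Correlate with
#     the web server's response and access logs before escalating.

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wrap access"; flags: A+; uricontent: "/wrap"; reference:bugtraq,373; reference:arachnids,234; reference:cve,CVE-1999-0149;classtype:attempted-recon; sid:853; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI classifieds.cgi access";flags: A+; uricontent:"/classifieds.cgi"; nocase; reference:bugtraq,2020; reference:cve,CVE-1999-0934;classtype:attempted-recon; sid:854; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI edit.pl access";flags: A+; uricontent:"/edit.pl"; nocase;classtype:attempted-recon; sid:855; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI environ.cgi access";flags: A+; uricontent:"/environ.cgi"; nocase;classtype:attempted-recon; sid:856; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI faxsurvey access"; flags: A+; uricontent:"/faxsurvey"; nocase; reference:cve,CVE-1999-0262; reference:bugtraq,2056; classtype:attempted-recon; sid:857; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI filemail access";flags: A+; uricontent:"/filemail.pl"; nocase;classtype:attempted-recon; sid:858; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI man.sh access";flags: A+; uricontent:"/man.sh"; nocase;classtype:attempted-recon; sid:859; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI snork.bat access";flags: A+; uricontent:"/snork.bat"; nocase; reference:bugtraq,1053; reference:cve,CVE-2000-0169; reference:arachnids,220;classtype:attempted-recon; sid:860; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI w3-msql access";flags: A+; uricontent:"/w3-msql/"; nocase; reference:bugtraq,591; reference:cve,CVE-1999-0276; reference:arachnids,210;classtype:attempted-recon; sid:861; rev:3;)

# Shell interpreters reachable as CGI programs (csh, ksh, rsh, tcsh, rksh and bash
# all cite CAN-1999-0509). The match strings are short; review hits against the
# full URI before treating them as probes.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI csh access";flags: A+; uricontent:"/csh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:862; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI day5datacopier.cgi access";flags: A+; uricontent:"/day5datacopier.cgi"; nocase;classtype:attempted-recon; sid:863; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI day5datanotifier.cgi access";flags: A+; uricontent:"/day5datanotifier.cgi"; nocase;classtype:attempted-recon; sid:864; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI ksh access";flags: A+; uricontent:"/ksh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:865; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI post-query access";flags: A+; uricontent:"/post-query"; nocase;classtype:attempted-recon; sid:866; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI visadmin.exe access";flags: A+; uricontent:"/visadmin.exe"; nocase; reference:bugtraq,1808; reference:cve,CAN-1999-1970;classtype:attempted-recon; sid:867; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI rsh access";flags: A+; uricontent:"/rsh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:868; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI dumpenv.pl access";flags: A+; uricontent:"/dumpenv.pl"; nocase;classtype:attempted-recon; sid:869; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI snorkerz.cmd access";flags: A+; uricontent:"/snorkerz.cmd"; nocase;classtype:attempted-recon; sid:870; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI survey.cgi access";flags: A+; uricontent:"/survey.cgi"; nocase; reference:bugtraq,1817; reference:cve,CVE-1999-0936; classtype:attempted-recon; sid:871; rev:2;)
# msg corrected from "tsch" so the alert text names the same program ("/tcsh")
# that the rule matches; update any sid-to-message map that carries the old text.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI tcsh access";flags: A+; uricontent:"/tcsh"; nocase; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:872; rev:1;)
# Matches three consecutive slashes anywhere in the URI; any client or proxy
# that emits redundant slashes will trigger it.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI scriptalias access"; flags: A+; uricontent: "///"; reference:cve,CVE-1999-0236; reference:bugtraq,2300; reference:arachnids,227; classtype:attempted-recon; sid:873; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI w3-msql solaris x86  access"; flags: A+; uricontent: "/bin/shA-cA/usr/openwin"; nocase; reference:cve,CVE-1999-0276; reference:arachnids,211;classtype:attempted-recon; sid:874; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI win-c-sample.exe access"; flags: A+; uricontent: "/win-c-sample.exe"; nocase; reference:bugtraq,2078; reference:arachnids,231; reference:cve,CVE-1999-0178;classtype:attempted-recon; sid:875; rev:2;)
# Unlike the other rules here, this one inspects traffic from the web server to
# the client and matches the packet payload (content) rather than the URI. It is
# also the only rule classed attempted-user.
# NOTE(review): confirm the server-to-client direction is intended.
alert tcp $HTTP_SERVERS 80 -> $EXTERNAL_NET any (msg:"WEB-CGI bugzilla 2.8 exploit "; flags: A+; content: "blaat@blaat.com"; nocase; reference:arachnids,276;classtype:attempted-user; sid:876; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI rksh access";flags: A+; uricontent:"/rksh"; nocase; reference:cve,CAN-1999-0509; classtype:attempted-recon; sid:877; rev:1;)
# NOTE(review): the msg says "w2tvars.pm" but the rule matches "/w3tvars.pm".
# One of the two is a typo; check the upstream ruleset before relying on this rule.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI w2tvars.pm access";flags: A+; uricontent:"/w3tvars.pm"; nocase; classtype:attempted-recon; sid:878; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI admin.pl access";flags: A+; uricontent:"/admin.pl"; nocase; classtype:attempted-recon; sid:879; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI LWGate access";flags: A+; uricontent:"/LWGate"; nocase; classtype:attempted-recon; sid:880; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI archie access";flags: A+; uricontent:"/archie"; nocase; classtype:attempted-recon; sid:881; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI calendar access";flags: A+; uricontent:"/calendar"; nocase; classtype:attempted-recon; sid:882; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI flexform access";flags: A+; uricontent:"/flexform"; nocase; classtype:attempted-recon; sid:883; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI formmail access";flags: A+; uricontent:"/formmail"; nocase; reference:bugtraq,1187; reference:cve,CVE-1999-0172; reference:arachnids,226; classtype:attempted-recon; sid:884; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI bash access";flags: A+; uricontent:"/bash"; nocase; reference:cve,CAN-1999-0509; classtype:attempted-recon; sid:885; rev:1;)
# The original carried "flags: A+" twice in this rule; the redundant copy is dropped.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI phf access";flags: A+; uricontent:"/phf"; nocase; reference:bugtraq,629; reference:arachnids,128; reference:cve,CVE-1999-0067;  classtype:attempted-recon; sid:886; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI www-sql access";flags: A+; uricontent:"/www-sql"; nocase; classtype:attempted-recon; sid:887; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wwwadmin.pl access";flags: A+; uricontent:"/wwwadmin.pl"; nocase; classtype:attempted-recon; sid:888; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI ppdscgi.exe access";flags: A+; uricontent:"/ppdscgi.exe"; nocase; reference:bugtraq,491; classtype:attempted-recon; sid:889; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI sendform.cgi access";flags: A+; uricontent:"/sendform.cgi"; nocase; classtype:attempted-recon; sid:890; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI upload.pl access";flags: A+; uricontent:"/upload.pl"; nocase; classtype:attempted-recon; sid:891; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI AnyForm2 access";flags: A+; uricontent:"/AnyForm2"; nocase; reference:bugtraq,719; reference:cve,CVE-1999-0066; classtype:attempted-recon; sid:892; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI MachineInfo access";flags: A+; uricontent:"/MachineInfo"; nocase; classtype:attempted-recon; sid:893; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI bb-hist.sh access";flags: A+; uricontent:"/bb-hist.sh"; nocase; reference:bugtraq,142; classtype:attempted-recon; sid:894; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI redirect access";flags: A+; uricontent:"/redirect"; nocase;reference:bugtraq,1179; reference:cve,CVE-2000-0382; classtype:attempted-recon; sid:895; rev:2;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI wayboard access"; uricontent:"/way-board"; nocase; flags:A+; reference:bugtraq,2370; classtype:attempted-recon; sid:896; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI pals-cgi access"; uricontent:"/pals-cgi"; nocase; flags:A+; reference:cve,CAN-2001-0216; classtype:attempted-recon; sid:897; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI commerce.cgi access"; uricontent:"/commerce.cgi"; nocase; flags:A+; classtype:attempted-recon; sid:898; rev:1;)
# Despite the msg, this rule only requires the "templ=" parameter name alongside
# the script path; it does not look for a traversal sequence, so ordinary use of
# the parameter raises the same alert.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI Amaya templates sendtemp.pl directory traversal attempt"; uricontent:"/sendtemp.pl"; nocase; content:"templ="; nocase; flags:A+; reference:bugtraq,2504; classtype:attempted-recon; sid:899; rev:1;)
# sid 900 requires "../../" in addition to the script path; sid 901 fires on the
# path alone, so a traversal request raises both alerts.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webspirs directory traversal attempt"; uricontent:"/webspirs.cgi"; nocase; content:"../../"; nocase; flags:A+; reference:bugtraq,2362; classtype:attempted-recon; sid:900; rev:1;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI webspirs access"; uricontent:"/webspirs.cgi"; nocase; flags:A+; reference:bugtraq,2362; classtype:attempted-recon; sid:901; rev:1;)
# No leading "/" in the match string, unlike the other rules, so this also hits
# file names that merely end in "tstisapi.dll".
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"WEB-CGI tstisapi.dll access"; uricontent:"tstisapi.dll"; nocase; flags:A+; classtype:attempted-recon; sid:902; rev:1;)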
