📄 webcgi-lib

📁 该源码是用C语言编写的,实现网络入侵检测系统的功能
💻
字号:
# $Id: webcgi-lib,v 1.2 2000/11/18 08:25:04 roesch Exp $

alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS232 - WEB-CGI-PHP CGI access attempt";flags:PA; content:"php.cgi?/"; offset: 5; depth: 32; nocase;) 
alert tcp $HOME_NET 80 -> $EXTERNAL_NET any (msg:"IDS276 - Bugzilla 2.8 Exploit"; flags:PA; content: "blaat@blaat.com"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS128 - CVE-1999-0067 - CGI phf attempt";flags:PA; content:"/phf";flags:AP; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS228 - CVE-1999-0237 - Guestbook CGI access attempt";flags:PA; content:"/cgi-bin/guestbook.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS235 - CVE-1999-0148 - CGI-HANDLERprobe!"; flags:PA; content:"/handler"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Htmlscript CGI access attempt";flags:PA; content:"/htmlscript"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Info2 www CGI access attempt";flags:PA; content:"/info2www"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Maillist CGI access attempt";flags:PA; content:"/maillist.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS224 - CVE-1999-0045 - NPH CGI access attempt";flags:PA; content:"nph-test-cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS221 - CVE-1999-0612 - Finger CGI access attempt";flags:PA; content:"cgi-bin/finger"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Perlshop CGI access attempt";flags:PA; content:"/perlshop.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Files CGI access attempt";flags:PA; content:"/files.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Rguest CGI access attempt";flags:PA; content:"/rguest.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-rwwwshell CGI access attempt";flags:PA; content:"rwwwshell.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Survey CGI access attempt";flags:PA; content:"survey.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS218 - CVE-1999-0070 - TEST-CGI probe"; flags:PA; content:"test-cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Textcounter CGI access attempt";flags:PA; content:"textcounter.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Upload CGI access attempt";flags:PA; content:"uploader.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Webdist CGI access attempt";flags:PA; content:"webdist.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-NPH-publish CGI access attempt";flags:PA; content:"nph-publish"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-CGI pf display access attempt";flags:PA; content:"/pfdisplay.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Count.cgi probe!"; flags:PA; content:"cgi-bin/Count.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Aglimpse CGI access attempt";flags:PA; content:"/aglimpse"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS225 - CVE-1999-0066 - CGI-AnyForm access attempt";flags:PA; content:"/AnForm2"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Args CGI access attempt";flags:PA; content:"/args.bat"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-AT-admin CGI access attempt";flags:PA; content:"/AT-admin.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Bnbform CGI access attempt";flags:PA; content:"/bnbform.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Campas CGI access attempt";flags:PA; content:"/campas"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Glimpse CGI access attempt";flags:PA; content:"/glimpse"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS219 - WEB-CGI-Perl access attempt";flags:PA; content:"perl.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Wguest CGI access attempt";flags:PA; content:"wguest.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-CGI view-source access attempt";flags:PA; content:"/view-source?../../../../../../../etc/passwd"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Cgichk Pf display access attempt";flags:PA; content:"/pfdispaly.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS234 - WEB-CGI-Cgiwrap CGI access attempt";flags:PA; content:"cgiwrap"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Classifieds CGI access attempt";flags:PA; content:"cgi-bin/classifieds.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Edit CGI access attempt";flags:PA; content:"/edit.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Environ CGI access attempt";flags:PA; content:"/environ.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Faxsurvey probe"; flags:PA; content:"/faxsurvey"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Filemail CGI access attempt";flags:PA; content:"/filemail.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-CGI Man access attempt";flags:PA; content:"/man.sh"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-rsh";flags:PA; content:"/rsh"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-dumpenv.pl";flags:PA; content:"/dumpenv.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-visadmin.exe";flags:PA; content:"visadmin.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-bash shell";flags:PA; content:"/bash"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-csh shell";flags:PA; content:"cgi-bin/csh"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-day5datacopier.cgi";flags:PA; content:"/day5datacopier.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-day5datanotifier.cgi";flags:PA; content:"/day5datanotifier.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-ksh shell";flags:PA; content:"/ksh"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Webgais CGI access attempt";flags:PA; content:"webgais"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-rksh";flags:PA; content:"/rksh"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-AnyForm2";flags:PA; content:"/AnyForm2"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS220 - WEB-CGI-snork.bat";flags:PA; content:"snork.bat"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-snorkerz.cmd";flags:PA; content:"snorkerz.cmd"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-survey";flags:PA; content:"survey.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-tsch shell";flags:PA; content:"tcsh"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS227 - Web-CGI-Scriptalias"; flags: PA; content: "///";) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS211 - Web-CGI-w3-msql-solx86"; flags: PA; content: "/bin/shA-cA/usr/openwin"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS231 - CVE-1999-0178 - CGI-win-c-sample"; flags: PA; content: "win-c-sample.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-post-query";flags:PA; content:"/post-query"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS210 - WEB-CGI-w3-msql";flags:PA; content:"w3-msql"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Wrap CGI access attempt";flags:PA; content:"wrap"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-WWWboard CGI access attempt";flags:PA; content:"wwwboard.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-WWW-SQL CGI access attempt";flags:PA; content:"www-sql"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-LWGate Attempt";flags:PA; content:"/LWGate"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-archie";flags:PA; content:"/archie"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-calendar";flags:PA; content:"cgi-bin/calendar"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-flexform";flags:PA; content:"/flexform"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-bb-hist.sh";flags:PA; content:"/bb-hist.sh"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-redirectt";flags:PA; content:"/redirect"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-MachineInfo";flags:PA; content:"/MachineInfo"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-w2tvars";flags:PA; content:"w3tvars.pm"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-wais";flags:PA; content:"wais.pl";nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-wwwadmin";flags:PA; content:"wwwadmin.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-ppdscgi";flags:PA; content:"/ppdscgi.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-sendform.cgi";flags:PA; content:"sendform.cgi"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-upload.pl";flags:PA; content:"upload.pl"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-wwwuploader.exe";flags:PA; content:"cgi-win/wwwuploader.exe"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-CGI-Websendmail CGI access attempt";flags:PA; content:"websendmail"; nocase;) 
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"IDS226 - CVE-1999-0172 - CGI-formmail";flags:PA; content:"/formmail"; nocase;)
💿 文件大小 2210 K
👤 上传用户 wlflove123
📂 所属分类书籍源码
🏷️ 相关标签

#源码 #C语言 #检测系统 #编写
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -