📄 web-lib

📁 该源码是用C语言编写的,实现网络入侵检测系统的功能
💻
字号:
# $Id: web-lib,v 1.1.1.1 2000/08/07 02:42:47 roesch Exp $ 
# CGI probes submitted by Martin Markgraf
alert tcp any any -> $HOME_NET 80 (content:"/test-cgi"; msg:"TEST-CGI probe!"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (content:"/handler"; msg:"HANDLER probe!"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (content:"/Count.cgi"; msg:"COUNT.cgi probe!"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (content:"/faxsurvey"; msg:"FAXSURVEY probe!"; flags: PA;)

# CGI Probes
alert tcp any any -> $HOME_NET 80 (msg:"PHF CGI access attempt"; content:"/phf"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"PHP CGI access attempt"; content:"/php.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Webgais CGI access attempt"; content:"/webgais"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Websendmail CGI access attempt"; content:"/websendmail"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Webdist CGI access attempt"; content:"/webdist.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Htmlscript CGI access attempt"; content:"/htmlscript"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"CGI pfdisplay access attempt"; content:"/pfdisplay.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Cgichk Pfdispaly (sic) access attempt"; content:"/pfdispaly.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"CGI Perl access attempt"; content:"/perl.exe"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Wwwboard CGI access attempt"; content:"/wwwboard.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"WWW-SQL CGI access attempt"; content:"/www-sql"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Guestbook CGI access attempt"; content:"/guestbook.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"CGI Man access attempt"; content:"/man.sh"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"CGI view-source access attempt"; content:"/view-source?../../../../../../../etc/passwd"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Finger CGI access attempt"; content:"/finger"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Campas CGI access attempt"; content:"/campas"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"NPH CGI access attempt"; content:"/nph-test-cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"rwwwshell CGI access attempt"; content:"/rwwwshell.pl"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"NPH-publish CGI access attempt"; content:"/nph-publish"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Aglimpse CGI access attempt"; content:"/aglimpse"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Glimpse CGI access attempt"; content:"/glimpse"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"AT-admin CGI access attempt"; content:"/AT-admin.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Filemail CGI access attempt"; content:"/filemail.pl"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"JJ CGI access attempt"; content:"/jj"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Maillist CGI access attempt"; content:"/maillist.pl"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Info2www CGI access attempt"; content:"/info2www"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Files CGI access attempt"; content:"/files.pl"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Bnbform CGI access attempt"; content:"/bnbform.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Survey CGI access attempt"; content:"/survey.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"AnyForm CGI access attempt"; content:"/AnForm2"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Textcounter CGI access attempt"; content:"/textcounter.pl"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Classifieds CGI access attempt"; content:"/classifieds.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Environ CGI access attempt"; content:"/environ.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Wrap CGI access attempt"; content:"/wrap"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Cgiwrap CGI access attempt"; content:"/cgiwrap"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Edit CGI access attempt"; content:"/edit.pl"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Perlshop CGI access attempt"; content:"/perlshop.cgi"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Args CGI access attempt"; content:"/cgi-dos/args.bat"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Upload CGI access attempt"; content:"/cgi-win/uploader.exe"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Rguest CGI access attempt"; content:"/rguest.exe"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Wguest CGI access attempt"; content:"/wguest.exe"; flags: PA;)

# IIS probes
alert tcp any any -> $HOME_NET 80 (msg:"IIS vti_inf access attempt"; content:"/_vti_inf.html"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS Codebrowser access attempt"; content:"/iissamples/exair/howitworks/codebrws.asp"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS Codebrowser access attempt"; content:"/iissamples/sdk/asp/docs/codebrws.asp"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS Showcode access attempt"; content:"/msads/Samples/SELECTOR/showcode.asp"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS Bdir access attempt"; content:"/scripts/iisadmin/bdir.htr"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS CGImail access attempt"; content:"/scripts/CGImail.exe"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS NewDSN access attempt"; content:"/scripts/tools/newdsn.exe"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS Fpcount access attempt"; content:"/scripts/fpcount.exe"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS Search97 access attempt"; content:"/search97.vts"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"IIS Carbo.dll access attempt"; content:"/carbo.dll"; flags: PA;)

# IIS stuff from Nick Rogness and Jim Forster
alert tcp any any -> $HOME_NET 80 (msg:"FrontPage Service PWD Scan"; content:"/_vti_pvt/service.pwd"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"FrontPage User PWD Scan"; content:"/_vti_pvt/users.pwd"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"FrontPage Author PWD Scan"; content:"/_vti_pvt/authors.pwd"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"FrontPage Admin PWD Scan"; content:"/_vti_pvt/administrators.pwd"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"FrontPage shtml.dll Scan"; content:"/_vti_pvt/shtml.dll"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"FrontPage shtml.exe Scan"; content:"/_vti_pvt/shtml.exe"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"cgi-dos/args.bat Scan"; content:"/cgi-dos/args.bat"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Colf Fusion openfile Scan"; content:"/cfdocs/expelval/openfile.cfm"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Cold Fusion exprcalc Scan"; content:"/cfdocs/expelval/exprcalc.cfm"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Cold Fusion display Scan"; content:"/cfdocs/expelval/displayopenedfile.cfm"; flags: PA;)
alert tcp any any -> $HOME_NET 80 (msg:"Cold Fusion sendmail Scan"; content:"/cfdocs/expelval/sendmail.cfm"; flags: PA;)
💿 文件大小 2210 K
👤 上传用户 wlflove123
📂 所属分类书籍源码
🏷️ 相关标签

#源码 #C语言 #检测系统 #编写
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -