📄 web-cgi.rules
# WEB-CGI rules, restored to one rule per physical line (a Snort rule may only
# span lines when each line ends in a backslash continuation).
#
# Every rule in this section has the same header and flow option: TCP from
# $EXTERNAL_NET (any port) to $HTTP_SERVERS on $HTTP_PORTS, client-to-server on
# an established session. The three variables are not defined in this listing;
# presumably they come from the sensor configuration - confirm they cover the
# web servers you actually run.
#
# Naming convention visible in msg:
#   "... attempt" - script path plus an exploit-shaped parameter value.
#   "... access"  - script path only; fires on any request for that path, so it
#                   is an inventory/recon signal rather than proof of an attack.
# uricontent is matched against the request URI; a plain content option is
# matched against the packet payload. Options without a following nocase are
# case-sensitive. The parameter patterns are literal strings, so a request that
# expresses the same thing differently is only covered by the broader
# "access" rule of the same family.

# zml.cgi (cve,2001-1209): "file=../" in a request for /zml.cgi.
# NOTE(review): sid:1395 is an "attempt" rule but carries
# classtype:web-application-activity, the same as the access rule; the other
# traversal attempts in this section use web-application-attack - confirm the
# lower classification is intended.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI zml.cgi attempt"; flow:to_server,established; uricontent:"/zml.cgi"; content:"file=../"; metadata:service http; reference:bugtraq,3759; reference:cve,2001-1209; reference:nessus,10830; classtype:web-application-activity; sid:1395; rev:10;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI zml.cgi access"; flow:to_server,established; uricontent:"/zml.cgi"; metadata:service http; reference:bugtraq,3759; reference:cve,2001-1209; reference:nessus,10830; classtype:web-application-activity; sid:1396; rev:10;)

# AHG search.cgi: request for /publisher/search.cgi that also carries a
# "template=" parameter (both case-insensitive).
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI AHG search.cgi access"; flow:to_server,established; uricontent:"/publisher/search.cgi"; nocase; content:"template="; nocase; metadata:service http; reference:bugtraq,3985; classtype:web-application-activity; sid:1405; rev:6;)

# agora.cgi (cve,2001-1199 / cve,2002-0215): the attempt rule matches only a
# literal <SCRIPT> tag placed directly as the cart_id value under /store/.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI agora.cgi attempt"; flow:to_server,established; uricontent:"/store/agora.cgi?cart_id=<SCRIPT>"; nocase; metadata:service http; reference:bugtraq,3702; reference:bugtraq,3976; reference:cve,2001-1199; reference:cve,2002-0215; reference:nessus,10836; classtype:web-application-attack; sid:1534; rev:9;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI agora.cgi access"; flow:to_server,established; uricontent:"/store/agora.cgi"; nocase; metadata:service http; reference:bugtraq,3702; reference:bugtraq,3976; reference:cve,2001-1199; reference:cve,2002-0215; reference:nessus,10836; classtype:web-application-activity; sid:1406; rev:12;)

# Interpreters reachable through the web server (cve,1999-0509, CERT
# CA-1996-11). The shell rules (rksh, bash, zsh, csh, tcsh, rsh, ksh) are
# DISABLED here - they are commented out. Presumably because short patterns
# such as "/rsh" or "/bash" also match ordinary URIs; review expected false
# positives before enabling any of them. The perl rules remain active.
# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI rksh access"; flow:to_server,established; uricontent:"/rksh"; nocase; metadata:service http; reference:cve,1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:877; rev:9;)
# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bash access"; flow:to_server,established; uricontent:"/bash"; nocase; metadata:service http; reference:cve,1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:web-application-activity; sid:885; rev:10;)
# "command attempt" = interpreter path immediately followed by "?" (a query
# string is present); "access" = the interpreter path alone.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI perl.exe command attempt"; flow:to_server,established; uricontent:"/perl.exe?"; nocase; metadata:service http; reference:arachnids,219; reference:cve,1999-0509; reference:nessus,10173; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:1648; rev:8;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI perl.exe access"; flow:to_server,established; uricontent:"/perl.exe"; nocase; metadata:service http; reference:arachnids,219; reference:cve,1999-0509; reference:nessus,10173; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:832; rev:12;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI perl command attempt"; flow:to_server,established; uricontent:"/perl?"; nocase; metadata:service http; reference:arachnids,219; reference:cve,1999-0509; reference:nessus,10173; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:1649; rev:8;)
# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI zsh access"; flow:to_server,established; uricontent:"/zsh"; nocase; metadata:service http; reference:cve,1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:1309; rev:10;)
# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI csh access"; flow:to_server,established; uricontent:"/csh"; nocase; metadata:service http; reference:cve,1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:862; rev:10;)
# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI tcsh access"; flow:to_server,established; uricontent:"/tcsh"; nocase; metadata:service http; reference:cve,1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:872; rev:10;)
# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI rsh access"; flow:to_server,established; uricontent:"/rsh"; nocase; metadata:service http; reference:cve,1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:868; rev:10;)
# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI ksh access"; flow:to_server,established; uricontent:"/ksh"; nocase; metadata:service http; reference:cve,1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:865; rev:9;)

# auktion.cgi (cve,2001-0212): "menue=../../" in a request for the script.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI auktion.cgi directory traversal attempt"; flow:to_server,established; uricontent:"/auktion.cgi"; nocase; content:"menue=../../"; nocase; metadata:service http; reference:bugtraq,2367; reference:cve,2001-0212; reference:nessus,10638; classtype:web-application-attack; sid:1703; rev:8;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI auktion.cgi access"; flow:to_server,established; uricontent:"/auktion.cgi"; nocase; metadata:service http; reference:bugtraq,2367; reference:cve,2001-0212; reference:nessus,10638; classtype:web-application-activity; sid:1465; rev:9;)

# cgiforum.pl (cve,2000-1171): path, parameter name and "../.." are one
# contiguous URI pattern, so thesection must be the first query parameter.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cgiforum.pl attempt"; flow:to_server,established; uricontent:"/cgiforum.pl?thesection=../.."; nocase; metadata:service http; reference:bugtraq,1963; reference:cve,2000-1171; reference:nessus,10552; classtype:web-application-attack; sid:1573; rev:7;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cgiforum.pl access"; flow:to_server,established; uricontent:"/cgiforum.pl"; nocase; metadata:service http; reference:bugtraq,1963; reference:cve,2000-1171; reference:nessus,10552; classtype:web-application-activity; sid:1466; rev:9;)

# directorypro.cgi (cve,2001-0780): "show=" followed, at least one byte later
# (distance:1), by "../..".
# NOTE(review): the only nocase in sid:1574 modifies the "../.." content, which
# has no letters; the uricontent and "show=" matches are case-sensitive, unlike
# the access rule sid:1467 - confirm this is intended.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI directorypro.cgi attempt"; flow:to_server,established; uricontent:"/directorypro.cgi"; content:"show="; content:"../.."; distance:1; nocase; metadata:service http; reference:bugtraq,2793; reference:cve,2001-0780; reference:nessus,10679; classtype:web-application-attack; sid:1574; rev:9;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI directorypro.cgi access"; flow:to_server,established; uricontent:"/directorypro.cgi"; nocase; metadata:service http; reference:bugtraq,2793; reference:cve,2001-0780; reference:nessus,10679; classtype:web-application-activity; sid:1467; rev:9;)

# Web Shopper shopper.cgi (cve,2000-0922): "newpage=../" in a request for the
# script.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Web Shopper shopper.cgi attempt"; flow:to_server,established; uricontent:"/shopper.cgi"; nocase; content:"newpage=../"; nocase; metadata:service http; reference:bugtraq,1776; reference:cve,2000-0922; reference:nessus,10533; classtype:web-application-attack; sid:1468; rev:9;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Web Shopper shopper.cgi access"; flow:to_server,established; uricontent:"/shopper.cgi"; nocase; metadata:service http; reference:bugtraq,1776; reference:cve,2000-0922; classtype:attempted-recon; sid:1469; rev:6;)

# Access-only rules: script path match, no parameter pattern.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI listrec.pl access"; flow:to_server,established; uricontent:"/listrec.pl"; nocase; metadata:service http; reference:bugtraq,3328; reference:cve,2001-0997; reference:nessus,10769; classtype:attempted-recon; sid:1470; rev:9;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI mailnews.cgi access"; flow:to_server,established; uricontent:"/mailnews.cgi"; nocase; metadata:service http; reference:bugtraq,2391; reference:cve,2001-0271; reference:nessus,10641; classtype:attempted-recon; sid:1471; rev:9;)

# book.cgi (cve,2001-1114): |7C| is the hex form of the pipe character, so the
# attempt rule matches "current=" immediately followed by "|".
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI book.cgi arbitrary command execution attempt"; flow:to_server,established; uricontent:"/book.cgi"; nocase; content:"current=|7C|"; nocase; metadata:service http; reference:bugtraq,3178; reference:cve,2001-1114; reference:nessus,10721; classtype:web-application-attack; sid:1879; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI book.cgi access"; flow:to_server,established; uricontent:"/book.cgi"; nocase; metadata:service http; reference:bugtraq,3178; reference:cve,2001-1114; reference:nessus,10721; classtype:web-application-activity; sid:1472; rev:10;)

# newsdesk.cgi: access-only.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI newsdesk.cgi access"; flow:to_server,established; uricontent:"/newsdesk.cgi"; nocase; metadata:service http; reference:bugtraq,2172; reference:cve,2001-0232; reference:nessus,10586; classtype:attempted-recon; sid:1473; rev:9;)

# cal_make.pl (cve,2001-0463): "p0=../../" in a request for the script.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cal_make.pl directory traversal attempt"; flow:to_server,established; uricontent:"/cal_make.pl"; nocase; content:"p0=../../"; nocase; metadata:service http; reference:bugtraq,2663; reference:cve,2001-0463; reference:nessus,10664; classtype:web-application-attack; sid:1704; rev:8;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cal_make.pl access"; flow:to_server,established; uricontent:"/cal_make.pl"; nocase; metadata:service http; reference:bugtraq,2663; reference:cve,2001-0463; reference:nessus,10664; classtype:web-application-activity; sid:1474; rev:10;)

# Access-only rules. "/swc" is a very short pattern and will also match longer
# paths that merely contain it.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI mailit.pl access"; flow:to_server,established; uricontent:"/mailit.pl"; nocase; metadata:service http; reference:nessus,10417; classtype:attempted-recon; sid:1475; rev:7;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI sdbsearch.cgi access"; flow:to_server,established; uricontent:"/sdbsearch.cgi"; nocase; metadata:service http; reference:bugtraq,1658; reference:cve,2001-1130; reference:nessus,10503; reference:nessus,10720; classtype:attempted-recon; sid:1476; rev:10;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI swc access"; flow:to_server,established; uricontent:"/swc"; nocase; metadata:service http; reference:nessus,10493; classtype:attempted-recon; sid:1478; rev:6;)

# ttawebtop.cgi (cve,2001-0805): "pg=../" together with the script name.
# NOTE(review): sid:1479 matches the script name with content (packet payload)
# while the access rule sid:1480 uses uricontent - confirm the difference is
# deliberate.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI ttawebtop.cgi arbitrary file attempt"; flow:to_server,established; content:"/ttawebtop.cgi"; nocase; content:"pg=../"; nocase; metadata:service http; reference:bugtraq,2890; reference:cve,2001-0805; reference:nessus,10696; classtype:web-application-attack; sid:1479; rev:10;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI ttawebtop.cgi access"; flow:to_server,established; uricontent:"/ttawebtop.cgi"; nocase; metadata:service http; reference:bugtraq,2890; reference:cve,2001-0805; reference:nessus,10696; classtype:attempted-recon; sid:1480; rev:10;)

# Access-only rules. "/upload.cgi" is a generic script name, so sid:1481 is
# likely to fire on legitimate applications - tune per site.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI upload.cgi access"; flow:to_server,established; uricontent:"/upload.cgi"; nocase; metadata:service http; reference:nessus,10290; classtype:attempted-recon; sid:1481; rev:5;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI view_source access"; flow:to_server,established; uricontent:"/view_source"; nocase; metadata:service http; reference:bugtraq,2251; reference:cve,1999-0174; reference:nessus,10294; classtype:attempted-recon; sid:1482; rev:8;)

# ustorekeeper.pl (cve,2001-0466): "file=../../" in a request for the script.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI ustorekeeper.pl directory traversal attempt"; flow:to_server,established; uricontent:"/ustorekeeper.pl"; nocase; content:"file=../../"; nocase; metadata:service http; reference:bugtraq,2536; reference:cve,2001-0466; reference:nessus,10645; classtype:web-application-attack; sid:1730; rev:9;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI ustorekeeper.pl access"; flow:to_server,established; uricontent:"/ustorekeeper.pl"; nocase; metadata:service http; reference:cve,2001-0466; reference:nessus,10645; classtype:web-application-activity; sid:1483; rev:11;)

# Access-only rules; both uricontent matches are case-sensitive (no nocase).
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI icat access"; flow:to_server,established; uricontent:"/icat"; metadata:service http; reference:cve,1999-1069; classtype:web-application-activity; sid:1606; rev:7;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Bugzilla doeditvotes.cgi access"; flow:to_server,established; uricontent:"/doeditvotes.cgi"; metadata:service http; reference:bugtraq,3800; reference:cve,2002-0011; classtype:web-application-activity; sid:1617; rev:9;)

# htsearch: sid:1600 (cve,2001-0834) matches a query string that starts with
# "-c"; sid:1601 (cve,2000-0208) matches an exclude value that starts with a
# backtick; sid:1602 is the path-only access rule.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI htsearch arbitrary configuration file attempt"; flow:to_server,established; uricontent:"/htsearch?-c"; nocase; metadata:service http; reference:bugtraq,3410; reference:cve,2001-0834; classtype:web-application-attack; sid:1600; rev:8;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI htsearch arbitrary file read attempt"; flow:to_server,established; uricontent:"/htsearch?exclude=`"; nocase; metadata:service http; reference:bugtraq,1026; reference:cve,2000-0208; reference:nessus,10105; classtype:web-application-attack; sid:1601; rev:10;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI htsearch access"; flow:to_server,established; uricontent:"/htsearch"; nocase; metadata:service http; reference:bugtraq,1026; reference:cve,2000-0208; reference:nessus,10105; classtype:web-application-activity; sid:1602; rev:10;)

# a1stats (cve,2001-0561): traversal attempt against a1disp3.cgi, then
# path-only access rules for the script and for the /a1stats/ directory.
# All three uricontent matches are case-sensitive (no nocase).
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI a1stats a1disp3.cgi directory traversal attempt"; flow:to_server,established; uricontent:"/a1disp3.cgi?/../../"; metadata:service http; reference:bugtraq,2705; reference:cve,2001-0561; reference:nessus,10669; classtype:web-application-attack; sid:1501; rev:9;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI a1stats a1disp3.cgi access"; flow:to_server,established; uricontent:"/a1disp3.cgi"; metadata:service http; reference:bugtraq,2705; reference:cve,2001-0561; reference:nessus,10669; classtype:web-application-activity; sid:1502; rev:9;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI a1stats access"; flow:to_server,established; uricontent:"/a1stats/"; metadata:service http; reference:bugtraq,2705; reference:cve,2001-0561; reference:nessus,10669; classtype:web-application-activity; sid:1731; rev:8;)