⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 web-cgi.rules

📁 This is the snapshot of Snot Latest Rules
💻 RULES
📖 第 1 页 / 共 5 页
字号:
🔍
12345 
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI admentor admin.asp access"; flow:to_server,established; uricontent:"/admentor/admin/admin.asp"; metadata:service http; reference:bugtraq,4152; reference:cve,2002-0308; reference:nessus,10880; reference:url,www.securiteam.com/windowsntfocus/5DP0N1F6AW.html; classtype:web-application-activity; sid:1503; rev:9;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI alchemy http server PRN arbitrary command execution attempt"; flow:to_server,established; uricontent:"/PRN/../../"; metadata:service http; reference:bugtraq,3599; reference:cve,2001-0871; reference:nessus,10818; classtype:web-application-activity; sid:1505; rev:9;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI alchemy http server NUL arbitrary command execution attempt"; flow:to_server,established; uricontent:"/NUL/../../"; metadata:service http; reference:bugtraq,3599; reference:cve,2001-0871; reference:nessus,10818; classtype:web-application-activity; sid:1506; rev:9;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI alibaba.pl arbitrary command execution attempt"; flow:to_server,established; uricontent:"/alibaba.pl|7C|"; metadata:service http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10013; classtype:web-application-attack; sid:1507; rev:11;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI alibaba.pl access"; flow:to_server,established; uricontent:"/alibaba.pl"; metadata:service http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10013; classtype:web-application-activity; sid:1508; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI AltaVista Intranet Search directory traversal attempt"; flow:to_server,established; uricontent:"/query?mss=.."; metadata:service http; reference:bugtraq,896; reference:cve,2000-0039; reference:nessus,10015; classtype:web-application-attack; sid:1509; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI test.bat arbitrary command execution attempt"; flow:to_server,established; uricontent:"/test.bat|7C|"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-attack; sid:1510; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI test.bat access"; flow:to_server,established; uricontent:"/test.bat"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-activity; sid:1511; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI input.bat arbitrary command execution attempt"; flow:to_server,established; uricontent:"/input.bat|7C|"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-attack; sid:1512; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI input.bat access"; flow:to_server,established; uricontent:"/input.bat"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-activity; sid:1513; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI input2.bat arbitrary command execution attempt"; flow:to_server,established; uricontent:"/input2.bat|7C|"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-attack; sid:1514; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI input2.bat access"; flow:to_server,established; uricontent:"/input2.bat"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-activity; sid:1515; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI envout.bat arbitrary command execution attempt"; flow:to_server,established; uricontent:"/envout.bat|7C|"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-attack; sid:1516; rev:11;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI envout.bat access"; flow:to_server,established; uricontent:"/envout.bat"; metadata:service http; reference:bugtraq,762; reference:cve,1999-0947; reference:nessus,10016; classtype:web-application-activity; sid:1517; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI echo.bat arbitrary command execution attempt"; flow:to_server,established; uricontent:"/echo.bat"; content:"&"; metadata:service http; reference:bugtraq,1002; reference:cve,2000-0213; reference:nessus,10246; classtype:web-application-attack; sid:1705; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI echo.bat access"; flow:to_server,established; uricontent:"/echo.bat"; metadata:service http; reference:bugtraq,1002; reference:cve,2000-0213; reference:nessus,10246; classtype:web-application-activity; sid:1706; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI hello.bat arbitrary command execution attempt"; flow:to_server,established; uricontent:"/hello.bat"; content:"&"; metadata:service http; reference:bugtraq,1002; reference:cve,2000-0213; reference:nessus,10246; classtype:web-application-attack; sid:1707; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI hello.bat access"; flow:to_server,established; uricontent:"/hello.bat"; metadata:service http; reference:bugtraq,1002; reference:cve,2000-0213; reference:nessus,10246; classtype:web-application-activity; sid:1708; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI tst.bat access"; flow:to_server,established; uricontent:"/tst.bat"; metadata:service http; reference:bugtraq,770; reference:cve,1999-0885; reference:nessus,10014; classtype:web-application-activity; sid:1650; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI /cgi-bin/ls access"; flow:to_server,established; uricontent:"/cgi-bin/ls"; nocase; metadata:service http; reference:bugtraq,936; reference:cve,2000-0079; reference:nessus,10037; classtype:web-application-activity; sid:1539; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cgimail access"; flow:to_server,established; uricontent:"/cgimail"; nocase; metadata:service http; reference:bugtraq,1623; reference:cve,2000-0726; reference:nessus,11721; classtype:web-application-activity; sid:1542; rev:9;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cgiwrap access"; flow:to_server,established; uricontent:"/cgiwrap"; nocase; metadata:service http; reference:bugtraq,1238; reference:bugtraq,3084; reference:bugtraq,777; reference:cve,1999-1530; reference:cve,2000-0431; reference:cve,2001-0987; reference:nessus,10041; classtype:web-application-activity; sid:1543; rev:13;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI csSearch.cgi arbitrary command execution attempt"; flow:to_server,established; uricontent:"/csSearch.cgi"; content:"setup="; content:"`"; content:"`"; distance:1; metadata:service http; reference:bugtraq,4368; reference:cve,2002-0495; reference:nessus,10924; classtype:web-application-attack; sid:1547; rev:12;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI csSearch.cgi access"; flow:to_server,established; uricontent:"/csSearch.cgi"; metadata:service http; reference:bugtraq,4368; reference:cve,2002-0495; reference:nessus,10924; classtype:web-application-activity; sid:1548; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI dbman db.cgi access"; flow:to_server,established; uricontent:"/dbman/db.cgi"; metadata:service http; reference:bugtraq,1178; reference:cve,2000-0381; reference:nessus,10403; classtype:web-application-activity; sid:1554; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI DCShop access"; flow:to_server,established; uricontent:"/dcshop"; nocase; metadata:service http; reference:bugtraq,2889; reference:cve,2001-0821; classtype:web-application-activity; sid:1555; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI DCShop orders.txt access"; flow:to_server,established; uricontent:"/orders/orders.txt"; nocase; metadata:service http; reference:bugtraq,2889; reference:cve,2001-0821; classtype:web-application-activity; sid:1556; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI DCShop auth_user_file.txt access"; flow:to_server,established; uricontent:"/auth_data/auth_user_file.txt"; nocase; metadata:service http; reference:bugtraq,2889; reference:cve,2001-0821; classtype:web-application-activity; sid:1557; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI eshop.pl arbitrary commane execution attempt"; flow:to_server,established; uricontent:"/eshop.pl?seite=|3B|"; nocase; metadata:service http; reference:bugtraq,3340; reference:cve,2001-1014; classtype:web-application-attack; sid:1565; rev:9;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI eshop.pl access"; flow:to_server,established; uricontent:"/eshop.pl"; nocase; metadata:service http; reference:bugtraq,3340; reference:cve,2001-1014; classtype:web-application-activity; sid:1566; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI loadpage.cgi directory traversal attempt"; flow:to_server,established; uricontent:"/loadpage.cgi"; content:"file=../"; nocase; metadata:service http; reference:bugtraq,2109; reference:cve,2000-1092; reference:nessus,10065; classtype:web-application-attack; sid:1569; rev:10;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI loadpage.cgi access"; flow:to_server,established; uricontent:"/loadpage.cgi"; nocase; metadata:service http; reference:bugtraq,2109; reference:cve,2000-1092; reference:nessus,10065; classtype:web-application-activity; sid:1570; rev:9;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI faqmanager.cgi arbitrary file access attempt"; flow:to_server,established; uricontent:"/faqmanager.cgi?toc="; uricontent:"|00|"; nocase; metadata:service http; reference:bugtraq,3810; reference:nessus,10837; classtype:web-application-attack; sid:1590; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI faqmanager.cgi access"; flow:to_server,established; uricontent:"/faqmanager.cgi"; nocase; metadata:service http; reference:bugtraq,3810; reference:nessus,10837; classtype:web-application-activity; sid:1591; rev:7;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI /fcgi-bin/echo.exe access"; flow:to_server,established; uricontent:"/fcgi-bin/echo.exe"; nocase; metadata:service http; reference:nessus,10838; classtype:web-application-activity; sid:1592; rev:7;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI FormHandler.cgi directory traversal attempt attempt"; flow:to_server,established; uricontent:"/FormHandler.cgi"; nocase; content:"reply_message_attach="; nocase; content:"/../"; metadata:service http; reference:bugtraq,798; reference:bugtraq,799; reference:cve,1999-1050; reference:nessus,10075; classtype:web-application-attack; sid:1628; rev:11;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI FormHandler.cgi external site redirection attempt"; flow:to_server,established; uricontent:"/FormHandler.cgi"; nocase; content:"redirect=http"; metadata:service http; reference:bugtraq,798; reference:bugtraq,799; reference:cve,1999-1050; reference:nessus,10075; classtype:web-application-attack; sid:1593; rev:11;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI FormHandler.cgi access"; flow:to_server,established; uricontent:"/FormHandler.cgi"; nocase; metadata:service http; reference:bugtraq,798; reference:bugtraq,799; reference:cve,1999-1050; reference:nessus,10075; classtype:web-application-activity; sid:1594; rev:11;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI guestbook.cgi access"; flow:to_server,established; uricontent:"/guestbook.cgi"; nocase; metadata:service http; reference:cve,1999-0237; reference:nessus,10098; classtype:web-application-activity; sid:1597; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Home Free search.cgi directory traversal attempt"; flow:to_server,established; uricontent:"/search.cgi"; content:"letter=../"; nocase; metadata:service http; reference:bugtraq,921; reference:cve,2000-0054; reference:nessus,10101; classtype:web-application-attack; sid:1598; rev:9;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI search.cgi access"; flow:to_server,established; uricontent:"/search.cgi"; nocase; metadata:service http; reference:bugtraq,921; reference:cve,2000-0054; classtype:web-application-activity; sid:1599; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI environ.pl access"; flow:to_server,established; uricontent:"/environ.pl"; nocase; metadata:service http; classtype:web-application-activity; sid:1651; rev:6;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI campas attempt"; flow:to_server,established; uricontent:"/campas?|0A|"; nocase; metadata:service http; reference:bugtraq,1975; reference:cve,1999-0146; reference:nessus,10035; classtype:web-application-attack; sid:1652; rev:11;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cart32.exe access"; flow:to_server,established; uricontent:"/cart32.exe"; nocase; metadata:service http; reference:bugtraq,1153; reference:nessus,10389; classtype:web-application-activity; sid:1654; rev:8;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI pfdispaly.cgi arbitrary command execution attempt"; flow:to_server,established; uricontent:"/pfdispaly.cgi?'"; nocase; metadata:service http; reference:cve,1999-0270; reference:nessus,10174; classtype:web-application-attack; sid:1655; rev:7;)alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI pfdispaly.cgi access"; flow:to_server,established; uricontent:"/pfdispaly.cgi"; nocase; metadata:service http; reference:bugtraq,64; reference:cve,1999-0270; reference:nessus,10174; classtype:web-application-activity; sid:16
12345

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -