web-cgi.rules
# Path-presence signatures: each rule alerts when a client-to-server request on
# an established TCP session (flow:to_server,established) has a normalized URI
# containing the uricontent string, compared case-insensitively (nocase).
# None of them inspects parameters, so an alert records that the path was
# requested, not that an exploit was sent; the reference: options point at the
# advisories behind each entry.
# $EXTERNAL_NET, $HTTP_SERVERS and $HTTP_PORTS are defined outside this file;
# coverage and alert volume depend on how they are set.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI ppdscgi.exe access";flow:to_server,established; uricontent:"/ppdscgi.exe"; nocase; reference:bugtraq,491; reference:url,online.securityfocus.com/archive/1/16878; classtype:attempted-recon; sid:889; rev:5;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI sendform.cgi access";flow:to_server,established; uricontent:"/sendform.cgi"; nocase; reference:cve,CAN-2002-0710; reference:bugtraq,5286; reference:url,www.scn.org/help/sendform.txt; classtype:attempted-recon; sid:890; rev:6;)
# No reference: option is attached to this rule, and the match is on the
# script name alone; hits may come from unrelated applications, so triage by
# destination host.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI upload.pl access";flow:to_server,established; uricontent:"/upload.pl"; nocase; classtype:attempted-recon; sid:891; rev:4;)
# uricontent is a substring match: any URI containing "/AnyForm2" or
# "/MachineInfo" satisfies the two rules below.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI AnyForm2 access";flow:to_server,established; uricontent:"/AnyForm2"; nocase; reference:bugtraq,719; reference:cve,CVE-1999-0066; classtype:attempted-recon; sid:892; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI MachineInfo access";flow:to_server,established; uricontent:"/MachineInfo"; nocase; reference:cve,CAN-1999-1067; classtype:attempted-recon; sid:893; rev:5;)
# bb-*.sh scripts. The "attempt" rules (sid 1531, 1532) require a "../.."
# sequence in the URI right after the script's parameter and are classed
# web-application-attack; the remaining rules match the script path alone.
# Any request that satisfies an attempt rule also satisfies the corresponding
# access rule, so correlate by sid instead of counting them as separate events.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-hist.sh attempt"; flow:to_server,established; uricontent:"/bb-hist.sh?HISTFILE=../.."; nocase; reference:nessus,10025; reference:cve,CAN-1999-1462; reference:bugtraq,142; classtype:web-application-attack; sid:1531; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-hist.sh access"; flow:to_server,established; uricontent:"/bb-hist.sh"; nocase; reference:nessus,10025; reference:cve,CAN-1999-1462; reference:bugtraq,142; classtype:attempted-recon; sid:894; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-histlog.sh access";flow:to_server,established; uricontent:"/bb-histlog.sh"; nocase; reference:bugtraq,142; reference:cve,CAN-1999-1462; classtype:attempted-recon; sid:1459; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-histsvc.sh access";flow:to_server,established; uricontent:"/bb-histsvc.sh"; nocase; reference:bugtraq,142; reference:cve,CAN-1999-1462; classtype:attempted-recon; sid:1460; rev:3;)
# NOTE(review): the msg of sid 1532 and sid 1533 spells the script
# "bb-hostscv.sh" while the uricontent matches "/bb-hostsvc.sh"; searches on
# alert text have to use the msg spelling. The sid 1532 pattern also has "?"
# between HOSTSVC and the "../.." sequence where sid 1531 has "=" after
# HISTFILE - confirm the separator against the cited references before relying
# on this rule; sid 1533 still records the access either way.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-hostscv.sh attempt"; flow:to_server,established; uricontent:"/bb-hostsvc.sh?HOSTSVC?../.."; nocase; reference:nessus,10460; reference:cve,CVE-2000-0638; classtype:web-application-attack; sid:1532; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-hostscv.sh access"; flow:to_server,established; uricontent:"/bb-hostsvc.sh"; nocase; reference:nessus,10460; reference:cve,CVE-2000-0638; classtype:web-application-activity; sid:1533; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-rep.sh access";flow:to_server,established; uricontent:"/bb-rep.sh"; nocase; reference:bugtraq,142; reference:cve,CAN-1999-1462; classtype:attempted-recon; sid:1461; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bb-replog.sh access";flow:to_server,established; uricontent:"/bb-replog.sh"; nocase; reference:bugtraq,142; reference:cve,CAN-1999-1462; classtype:attempted-recon; sid:1462; rev:3;)
# Broad signature: the case-insensitive substring "/redirect" anywhere in the
# normalized URI raises this alert, so any site with an ordinary redirect
# endpoint will trigger it. Scope it through $HTTP_SERVERS or suppress per
# host where the referenced CGI program is not installed.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI redirect access";flow:to_server,established; uricontent:"/redirect"; nocase;reference:bugtraq,1179; reference:cve,CVE-2000-0382; classtype:attempted-recon; sid:895; rev:5;)
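# way-board: sid 1397 flags a request for way-board.cgi that also carries
# "db=" and a "../.." sequence; sid 896 records any request under /way-board.
# nocase modifies only the option directly before it. In sid 1397 the script
# path now has its own nocase so that the attack rule covers the same
# letter-case variants of the path as the access rule below; before this change
# only the "../.." pattern (which contains no letters) carried the modifier.
# "db=" is still compared case-sensitively. Both content options are matched
# against the packet payload, not the normalized URI.
# sid and rev are left as found; track this local edit in your rule-management
# process so a rule update does not silently revert it.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI wayboard attempt"; uricontent:"/way-board/way-board.cgi"; nocase; content:"db="; content:"../.."; nocase; flow:to_server,established; reference:bugtraq,2370; reference:cve,CAN-2001-0214; classtype:web-application-attack; sid:1397; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI way-board access"; uricontent:"/way-board"; nocase; flow:to_server,established; reference:bugtraq,2370; reference:cve,CAN-2001-0214; reference:nessus,10610; classtype:web-application-activity; sid:896; rev:7;)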
# pals-cgi: sid 1222 alerts when the URI contains "/pals-cgi" and the packet
# payload contains "documentName="; sid 897 alerts on the path alone.
# The nocase in sid 1222 follows the uricontent, so "documentName=" is
# compared case-sensitively, and being a content option it is matched against
# the raw payload instead of the normalized URI. The rule does not test the
# parameter's value, so review the logged URI to judge whether a file outside
# the application was requested.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI pals-cgi arbitrary file access attempt"; flow:to_server,established; uricontent:"/pals-cgi"; nocase; content:"documentName="; classtype:web-application-attack; reference:cve,CAN-2001-0217; reference:bugtraq,2372; reference:nessus,10611; sid:1222; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI pals-cgi access"; uricontent:"/pals-cgi"; nocase; flow:to_server,established; reference:cve,CAN-2001-0216; reference:cve,CAN-2001-0217; reference:bugtraq,2372; reference:nessus,10611; classtype:attempted-recon; sid:897; rev:6;)
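# commerce.cgi: sid 1572 requires "page=../.." directly after the script name
# in the normalized URI; sid 898 matches the script name alone.
# sid 1572 is classed web-application-attack, like the other "../.." attempt
# rules in this file (for example sid 1531, 1397, 900); it previously carried
# attempted-recon, the same class as the plain access rule, which made a
# traversal attempt indistinguishable from a presence check when triaging by
# class. In the stock classification.config this also raises its priority.
# sid and rev are left as found; track this local edit in your rule-management
# process.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI commerce.cgi arbitrary file access attempt"; flow:to_server,established; uricontent:"/commerce.cgi?page=../.."; nocase; reference:nessus,10612; reference:bugtraq,2361; reference:cve,CAN-2001-0210; classtype:web-application-attack; sid:1572; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI commerce.cgi access"; flow:to_server,established; uricontent:"/commerce.cgi"; nocase; reference:nessus,10612; reference:bugtraq,2361; reference:cve,CAN-2001-0210; classtype:attempted-recon; sid:898; rev:7;)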
# sendtemp.pl: despite its msg, sid 899 does not look for a traversal
# sequence; it alerts on any request for the script whose payload contains
# "templ=" (case-insensitive). Treat a hit as "parameter was supplied" and
# check the logged URI before escalating. sid 1702 matches the script alone.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Amaya templates sendtemp.pl directory traversal attempt"; uricontent:"/sendtemp.pl"; nocase; content:"templ="; nocase; flow:to_server,established; reference:bugtraq,2504; reference:cve,CAN-2001-0272; classtype:web-application-attack; sid:899; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Amaya templates sendtemp.pl access"; uricontent:"/sendtemp.pl"; nocase; flow:to_server,established; reference:bugtraq,2504; reference:cve,CAN-2001-0272; classtype:web-application-activity; sid:1702; rev:3;)
# webspirs.cgi: sid 900 adds a "../../" content match to the script path.
# content is compared with the packet payload, not the normalized URI, so the
# string may also be found outside the request line; sid 901 matches the
# script alone.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI webspirs.cgi directory traversal attempt"; uricontent:"/webspirs.cgi"; nocase; content:"../../"; nocase; flow:to_server,established; reference:cve,CAN-2001-0211; reference:bugtraq,2362; reference:nessus,10616; classtype:web-application-attack; sid:900; rev:7;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI webspirs.cgi access"; uricontent:"/webspirs.cgi"; nocase; flow:to_server,established; reference:cve,CAN-2001-0211; reference:bugtraq,2362; reference:nessus,10616; classtype:attempted-recon; sid:901; rev:6;)
# Presence checks on three more programs; none inspects parameters.
# Unlike the other rules here, the sid 902 pattern has no leading "/", so it
# also matches when "tstisapi.dll" is only the tail of a longer file name.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI tstisapi.dll access"; uricontent:"tstisapi.dll"; nocase; flow:to_server,established; reference:cve,CAN-2001-0302; classtype:attempted-recon; sid:902; rev:5;)
# sid 1308 carries no reference: option, so the alert itself gives an analyst
# nothing to look up; document locally why the path is monitored.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI sendmessage.cgi access"; uricontent:"/sendmessage.cgi"; nocase; flow:to_server,established; classtype:attempted-recon; sid:1308; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI lastlines.cgi access"; uricontent:"/lastlines.cgi"; nocase; flow:to_server,established; reference:bugtraq,3755; reference:bugtraq,3754; classtype:attempted-recon; sid:1392; rev:4;)
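# zml.cgi: sid 1395 requires "file=../" in the packet payload in addition to
# the script path; sid 1396 matches the script path alone.
# sid 1395 is classed web-application-attack, like the other "../" attempt
# rules in this file; it previously shared web-application-activity with the
# access rule, so the two could not be told apart when triaging by class. In
# the stock classification.config this also raises its priority.
# NOTE(review): neither rule uses nocase, so both strings are compared
# case-sensitively, unlike most rules in this file - confirm that is intended
# for the servers in $HTTP_SERVERS.
# sid and rev are left as found; track this local edit in your rule-management
# process.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI zml.cgi attempt"; flow:to_server,established; uricontent:"/zml.cgi"; content:"file=../"; reference:cve,CAN-2001-1209; reference:bugtraq,3759; classtype:web-application-attack; sid:1395; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI zml.cgi access"; flow:to_server,established; uricontent:"/zml.cgi"; reference:cve,CAN-2001-1209; reference:bugtraq,3759; classtype:web-application-activity; sid:1396; rev:6;)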
# sid 1405 is labelled "access" but is narrower than a path check: it needs
# both "/publisher/search.cgi" in the URI and "template=" in the payload
# (each case-insensitive). It does not examine the parameter's value.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI AHG search.cgi access"; uricontent:"/publisher/search.cgi"; nocase; content:"template="; nocase; flow:to_server,established; reference:bugtraq,3985; classtype:web-application-activity; sid:1405; rev:4;)
# agora.cgi: sid 1534 is an exact-string indicator - the normalized URI must
# contain the whole literal, including the cart_id parameter and the tag,
# compared case-insensitively. It is not general script-injection coverage;
# sid 1406 records every request for the script and is the fallback signal.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI agora.cgi attempt"; flow:to_server,established; uricontent:"/store/agora.cgi?cart_id=<SCRIPT>"; nocase; reference:nessus,10836; reference:cve,CAN-2001-1199; reference:bugtraq,3976; classtype:web-application-attack; sid:1534; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI agora.cgi access"; flow:to_server,established; uricontent:"/store/agora.cgi"; nocase; reference:nessus,10836; reference:cve,CAN-2001-1199; reference:bugtraq,3976; classtype:web-application-activity; sid:1406; rev:7;)
# Shell and interpreter names in the request URI. Every rule in this group
# cites CAN-1999-0509 and CERT advisory CA-1996-11 and alerts when the
# normalized URI contains the interpreter name after a "/".
# These are short substrings: "/rsh", "/csh", "/ksh", "/zsh", "/bash" and the
# like match any URI in which those characters occur, not only a request for
# the binary itself, so expect false positives and confirm against the full
# logged URI. The durable mitigation is on the server side: no shell or
# interpreter should be reachable from a CGI-executable directory.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI rksh access";flow:to_server,established; uricontent:"/rksh"; nocase; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:cve,CAN-1999-0509; classtype:attempted-recon; sid:877; rev:5;)
# sid 885 is the only rule in this group classed web-application-activity; the
# others use attempted-recon. Filters built on classtype will treat it apart.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI bash access";flow:to_server,established; uricontent:"/bash"; nocase; reference:cve,CAN-1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:web-application-activity; sid:885; rev:6;)
# The "command attempt" rules (sid 1648, 1649) differ from an access rule only
# by the trailing "?", i.e. the request passes a query string to the
# interpreter. They keep classtype attempted-recon, so they are not ranked
# above a plain access hit unless priority is adjusted locally.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI perl.exe command attempt"; flow:to_server,established; uricontent:"/perl.exe?"; nocase; reference:cve,CAN-1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:arachnids,219; reference:nessus,10173; classtype:attempted-recon; sid:1648; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI perl.exe access"; flow:to_server,established; uricontent:"/perl.exe"; nocase; reference:cve,CAN-1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:arachnids,219; reference:nessus,10173; classtype:attempted-recon; sid:832; rev:8;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI perl command attempt";flow:to_server,established; uricontent:"/perl?"; nocase; reference:cve,CAN-1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:arachnids,219; reference:nessus,10173; classtype:attempted-recon; sid:1649; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI zsh access";flow:to_server,established; uricontent:"/zsh"; nocase; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:cve,CAN-1999-0509; classtype:attempted-recon; sid:1309; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI csh access";flow:to_server,established; uricontent:"/csh"; nocase; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:862; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI tcsh access";flow:to_server,established; uricontent:"/tcsh"; nocase; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:872; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI rsh access";flow:to_server,established; uricontent:"/rsh"; nocase; reference:cve,CAN-1999-0509; reference:url,www.cert.org/advisories/CA-1996-11.html; classtype:attempted-recon; sid:868; rev:6;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI ksh access";flow:to_server,established; uricontent:"/ksh"; nocase; reference:url,www.cert.org/advisories/CA-1996-11.html; reference:cve,CAN-1999-0509;classtype:attempted-recon; sid:865; rev:5;)
# auktion.cgi: sid 1703 needs the script path in the URI plus
# "menue=../../" in the packet payload (both case-insensitive); sid 1465
# matches the script path alone. The content option is compared with the raw
# payload, not with the normalized URI.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI auktion.cgi directory traversal attempt"; flow:to_server,established; uricontent:"/auktion.cgi"; nocase; content:"menue=../../"; nocase; reference:nessus,10638; reference:bugtraq,2367; reference:cve,CAN-2001-0212; classtype:web-application-attack; sid:1703; rev:5;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI auktion.cgi access"; flow:to_server,established; uricontent:"/auktion.cgi"; nocase; reference:nessus,10638; reference:bugtraq,2367; reference:cve,CAN-2001-0212; classtype:web-application-activity; sid:1465; rev:6;)
# cgiforum.pl: sid 1573 is a single uricontent, so the "thesection=../.."
# part is matched in the normalized URI and must directly follow the script
# name; sid 1466 matches the script name alone.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cgiforum.pl attempt"; flow:to_server,established; uricontent:"/cgiforum.pl?thesection=../.."; nocase; reference:nessus,10552; reference:bugtraq,1963; reference:cve,CVE-2000-1171; classtype:web-application-attack; sid:1573; rev:4;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI cgiforum.pl access"; flow:to_server,established; uricontent:"/cgiforum.pl"; nocase; reference:nessus,10552; reference:bugtraq,1963; reference:cve,CVE-2000-1171; classtype:web-application-activity; sid:1466; rev:6;)
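# directorypro.cgi: sid 1574 needs the script path in the URI plus
# "show=../.." in the packet payload; sid 1467 matches the script path alone.
# nocase modifies only the option directly before it. The script path in
# sid 1574 now has its own nocase, matching the access rule below; before
# this change a request whose path differed only in letter case raised the
# access alert but not the attack alert.
# The content option is compared with the raw payload, not the normalized URI.
# sid and rev are left as found; track this local edit in your rule-management
# process so a rule update does not silently revert it.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI directorypro.cgi attempt"; flow:to_server,established; uricontent:"/directorypro.cgi"; nocase; content:"show=../.."; nocase; reference:cve,CAN-2001-0780; classtype:web-application-attack; sid:1574; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI directorypro.cgi access"; flow:to_server,established; uricontent:"/directorypro.cgi"; nocase; reference:cve,CAN-2001-0780; classtype:web-application-activity; sid:1467; rev:4;)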
# shopper.cgi: sid 1468 needs the script path in the URI plus "newpage=../"
# in the packet payload (both case-insensitive) and is classed
# web-application-attack; sid 1469 matches the script path alone. A single
# "../" is enough for sid 1468, so check the logged URI to see how far the
# requested path actually climbs.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Web Shopper shopper.cgi attempt"; flow:to_server,established; uricontent:"/shopper.cgi"; nocase; content:"newpage=../"; nocase; reference:cve,CVE-2000-0922; reference:bugtraq,1776; classtype:web-application-attack; sid:1468; rev:5;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI Web Shopper shopper.cgi access"; flow:to_server,established; uricontent:"/shopper.cgi"; nocase; reference:cve,CVE-2000-0922; reference:bugtraq,1776; classtype:attempted-recon; sid:1469; rev:3;)
# Presence checks only: each alerts on the script name in the normalized URI
# and cites a single CVE candidate; no parameter is inspected.
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI listrec.pl access"; flow:to_server,established; uricontent:"/listrec.pl"; nocase; reference:cve,CAN-2001-0997; classtype:attempted-recon; sid:1470; rev:3;)
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-CGI mailnews.cgi access"; flow:to_server,established; uricontent:"/mailnews.cgi"; nocase; reference:cve,CAN-2001-0271; classtype:attempted-recon; sid:1471; rev:3;)