[Emerging-Sigs] R: Shell command output outbound

Stefano Ruggiero S.Ruggiero at lutech.it
Fri Sep 26 11:30:59 EDT 2014


I agree, some attack response will cover this but I think there could be added some more proof of attack successful completed.

Regards.

Da: emerging-sigs-bounces at lists.emergingthreats.net [mailto:emerging-sigs-bounces at lists.emergingthreats.net] Per conto di Packet Hack
Inviato: venerdì 26 settembre 2014 16:48
A: Emerging-sigs at emergingthreats.net
Oggetto: [Emerging-Sigs] Shell command output outbound

Are there sigs for outbound shell command outputs, like the output of /usr/bin/id
or uname flying out port 80? Might help catching systems vulnerable to Shellshock
and other exploits.

--pckthck
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20140926/463146e9/attachment.html>


More information about the Emerging-sigs mailing list