alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORT (msg: "[WEB-ATTACKS] SQL Injection Using Encapsulated Data - x=x"; content: "%20and%20%27x%27%3D%27x"; nocase; classtype: web-application-attack; parse_src_ip: 1; reference: url,wiki.quadrantsec.com/bin/view/Main/5001701; sid: 5001701; rev:1;)
-- Main.Sagan-Wiki-Add - 2015-10-21
New revisions of 5001701 will be below...
alert any $EXTERNAL_NET any -> $HOME_NET any (msg: "[WEB-ATTACKS] SQL Injection Using Encapsulated Data - x=x"; content: "%20and%20%27x%27%3D%27x"; nocase; default_proto:tcp; default_dst_port: $HTTP_PORT; classtype: web-application-attack; parse_src_ip: 1; reference: url,wiki.quadrantsec.com/bin/view/Main/5001701; sid: 5001701; rev:2;)
-- Main.Sagan-Wiki-Add - 2021-4-12