alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORT (msg: "[WEB-ATTACKS] SQL Power Injector SQL Injection User Agent Detected"; content: "User-Agent"; content: "SQL Power Injector"; content:"Security tool (Make sure it is used with the administrator consent)"; parse_src_ip: 1; parse_dst_ip: 2; reference:url,www.sqlpowerinjector.com/index.htm; reference:url,en.wikipedia.org/wiki/Sql_injection; reference:url,doc.emergingthreats.net/2009769; flowbits: set, recon, 86400; classtype:attempted-recon; sid:5001812; rev:2;)

-- Main.Sagan-Wiki-Add - 2015-10-21

New revisions of 5001812 will be below...

Topic revision: r1 - 2015-10-21 - Sagan-Wiki-Add
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback