写一个HTTP协议文件上传漏洞的suricata规则
时间: 2023-11-17 08:21:32 浏览: 269
suricata-rules:Suricata针对新的严重漏洞制定规则
alert http any any -> any any (msg:"HTTP文件上传漏洞检测"; flow:to_server,established; file_data; content:"Content-Disposition|3a| form-data|3b| name=|22|file|22|"; nocase; content:"filename=|22|"; nocase; pcre:"/filename=[^;]+?\.(php|pl|py|jsp|asp|aspx|exe|dll|sh)/U"; reference:url,https://www.owasp.org/index.php/Unrestricted_File_Upload; classtype:attempted-user; sid:1000001; rev:1;)
阅读全文