""ET SHELLCODE Linux/x86-64 - Polymorphic Flush IPTables Shellcode""
SID: 2024057
Revision: 1
Class Type: shellcode-detect
Metadata: affected_product Linux, attack_target Client_and_Server, created_at 2017_03_15, deployment Perimeter, performance_impact Low, signature_severity Critical, updated_at 2017_03_15
Reference:
Protocol: ip
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: any
Flow:
Contents:
- Value: "|6a 52 58 99 52 66 68 2d 46 54 5b 52 48 b9 69 70 74 61 62 6c 65 73 51 d0 e0 28 c8 48 b9 2f 2f 73 62 69 6e 2f 2f 51 54 5f 52 53 57 54 5e 0f 05|"
Within:
PCRE:
Special Options: