Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"TROJAN BackNet Checkin"; flow:established,to_server; content:"POST"; http_method; content:"data=|25|"; content:"host_key|25|"; content:"Content-Type|3a 20|application/x-www-form-urlencoded"; http_header; classtype:trojan-activity; sid:20166263; rev:2; metadata:created_at 2018_11_02;)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement