Sneed-Reactivity/yara-Neo23x0/expl_manageengine_jan23.yar


rule EXPL_ManageEngine_CVE_2022_47966_Jan23_1 {
   meta:
      description = "Detects indicators of exploitation of ManageEngine vulnerability as described by Horizon3"
      author = "Florian Roth (Nextron Systems)"
      reference = "https://www.horizon3.ai/manageengine-cve-2022-47966-iocs/"
      date = "2023-01-13"
      score = 75
      id = "07535b9c-8611-5a46-bcd7-f94070de2aea"
   strings:
      $ = "]: com.adventnet.authentication.saml.SamlException: Signature validation failed. SAML Response rejected|"
   condition:
      1 of them
}
OMG ISTG PLS WORK RED PILL :red_circle: :pill: 2024-07-25 12:43:35 -05:00
			`rule EXPL_ManageEngine_CVE_2022_47966_Jan23_1 {`
			`meta:`
			`description = "Detects indicators of exploitation of ManageEngine vulnerability as described by Horizon3"`
			`author = "Florian Roth (Nextron Systems)"`
			`reference = "https://www.horizon3.ai/manageengine-cve-2022-47966-iocs/"`
			`date = "2023-01-13"`
			`score = 75`
			`id = "07535b9c-8611-5a46-bcd7-f94070de2aea"`
			`strings:`
			`$ = "]: com.adventnet.authentication.saml.SamlException: Signature validation failed. SAML Response rejected\|"`
			`condition:`
			`1 of them`
			`}`