Update bash.yaml

patch-1
Dhiyaneshwaran 2022-09-19 14:57:53 +05:30 committed by GitHub
parent 1d63590c93
commit 2d2b5515a1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 10 deletions

View File

@ -1,21 +1,19 @@
id: bash-scanner
info:
name: bash-scanner
name: Bash Scanner
author: ransomsec
severity: info
description: "Indicator for bash Dangerous Commands You Should Never Execute on Linux"
tags: bash,shell,sh
description: Indicator for bash Dangerous Commands You Should Never Execute on Linux
reference:
- "https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/"
- "https://phoenixnap.com/kb/dangerous-linux-terminal-commands"
- https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
- https://phoenixnap.com/kb/dangerous-linux-terminal-commands
tags: bash,shell,sh
file:
- extensions:
- sh
extractors:
- type: regex
name: fork-bomb
@ -28,7 +26,6 @@ file:
- "rm -(f|r)"
- "rm -(fr|rf)"
- type: regex
name: code injection
regex:
@ -45,6 +42,6 @@ file:
- "cat /dev/null >"
- type: regex
name: unknown-file-download
name: unknown filedownload
regex:
- '(wget|curl) (https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]\.[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]$'