Checks for application attacks using SQL injections.
942330 Detects classic SQL injection probings 1/3 942430 SAP CRM Java vulnerability CVE-2018-2380 942490 Detects classic SQL injection probings 3/3 942340 Detects basic SQL authentication bypass attempts 3/3 942350 Detects MySQL UDF injection and other data/structure manipulation attempts 942361 rule is a stricter sibling of 942360 942320 Detects MySQL and PostgreSQL stored procedure/function injections 942480 SQL Injection Attack 942400 SQL Injection Attack 942140 Detect DB Names 942251 SQL HAVING queries 942421 Restricted SQL Character Anomaly Detection (cookies): # of special characters exceeded (3) 942440 Detect SQL Comment Sequences 942200 SAP CRM Java vulnerability CVE-2018-2380 942240 Detects MySQL charset switch and MSSQL DoS attempts 942270 Looking for basic sql injection. 942220 Looking for integer overflow attacks 942432 Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (2) 942410 SQL Injection Attack 942120 SAP CRM Java vulnerability CVE-2018-2380 942250 Detects MATCH AGAINST, MERGE and EXECUTE IMMEDIATE injections 942290 Finds basic MongoDB SQL injection attempts 942170 Detects SQL benchmark and sleep injection attempts including conditional queries 942160 Detects blind sqli tests using sleep() or benchmark() 942500 Detects MySQL in-line comments that can be used to bypass SQLi detection 942280 Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts 942310 Detects chained SQL injection attempts 2/2 942431 AP CRM Java vulnerability CVE-2018-2380 942100 LibInjection Check 942380 SQL Injection Attack 942370 This rule is a sibling of 942330. See that rule for a description and overview 942180 Detects basic SQL authentication bypass attempts 1/3 942470 SQL Injection Attack 942150 SAP CRM Java vulnerability CVE-2018-2380 942210 SAP CRM Java vulnerability CVE-2018-2380 942260 Detects basic SQL authentication bypass attempts 2/3 942300 Detects MySQL comments, conditions and ch(a)r injections 942190 Detects MSSQL code execution and information gathering attempts 942360 Detects concatenated basic SQL injection and SQLLFI attempts 942230 Detects conditional SQL injection attempts 942420 SQL Injection Character Anomaly Usage 942450 SQL Hex Evasion Methods 942130 SQL Tautology detection 942110 Identifies common initial SQLi probing requests where attackers insert/append quote characters to the existing normal payload to see how the app/db responds 942460 This rule attempts to identify when multiple (4 or more) non-word characters are repeated in sequence. 942390 SQL Injection Attack
