Yara Rule - 게시 된 Python POC와 함께 Microsoft SharePoint 서버에서 CVE-203-29357의 성공적인 활용을 나타낼 수있는 로그 항목을 감지 관련 IOC 5개 발견
Yara 정의.
Neo23x0
Yara Rule - Detects log entries that could indicate a successful exploitation of CVE-2023-29357 on Microsoft SharePoint servers with the published Python POC
Yara definition.
https://github.com/Neo23x0/signature-base/commit/cbcadf2ccdfc0532b535885d44e24842c00cd421