|
|
|||
| Rule General Information |
|---|
| Release Date: | 2020-08-31 | |
| Rule Name: | Webshell Tool Behinder v3.0 Detection - ASP Script Upload | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Behinder is a website Webshell management tool . Using the uploaded webshell, you can execute arbitrary commands under the authority of the web server, and can bypass most of the WAF and probe devices currently on the market.This rule is used to detect the behavior of Behinder v3.0 uploading the ASP scripts. | |
| Impact: | By using the Webshell management tool, an attacker can obtain the control rights of the server by using the Webshell written into the website, execute system commands, read configuration files, steal user data, and tamper with website pages. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| 1. Scan the server file system to ensure that no Webshell and related malicious files exist. 2. Complete system backup to ensure server data security. 3. Harden the security of the server, restrict access permissions, install firewalls, and use secure access control lists. |