'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339504)

Rule General Information
Release Date: 2025-10-15
Rule Name: Tool pystinger Detection - connect
Severity:
CVE ID:
Rule Protection Details
Description: pystinger is a forward proxy tool. Through webshell, it can achieve socks4 proxy and port mapping within the internal network, and can also directly launch MSF and CS. This rule is used to detect suspicious connection behaviors of the pystinger tool.
Impact: Attackers use attack tools to attack targets, which can lead to data leakage, service interruption, system crash, data tampering, and illegal access.
Affected OS: Windows, Linux, Others
Reference:
Solutions
1. Scan the server file system to ensure that no hacking tools and related malicious files are left. 2. Make a complete system backup to ensure the security of server data. 3. Secure the server, restrict access rights, install firewalls, and use secure access control lists.