'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339638)

Rule General Information
Release Date: 2025-11-18
Rule Name: Suspicious JScript Backdoor Code Detection
Severity:
CVE ID:
Rule Protection Details
Description: JScript is Microsoft's implementation of the ECMAScript scripting language, used to run scripts in environments such as Windows Script Host and Internet Explorer. This rule detects suspected remote backdoor scripts written in JScript; please investigate the specific matched indicators and context to determine whether they represent malicious activity.
Impact: Backdoor is a method of bypassing authentication or system encryption to gain access to a system. If a backdoor is discovered, attackers can use the backdoor to execute code or upload files on the infected server.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to update the software patch.