'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:715655)

Rule General Information
Release Date: 2022-09-07
Rule Name: Tool Ysoserial Detection - URLDNS
Severity:
CVE ID:
Rule Protection Details
Description: Ysoserial is a well-known java deserialization tool open source on Github, which integrates various java deserialization payloads.This rule is used to detect the deserialization of the URLDNS chain constructed through Ysoserial. The purpose of the URLDNS chain is to trigger the target application to initiate a DNS request for the malicious URL during deserialization by including a maliciously constructed URL in the serialized data.
Impact: Attackers use attack tools to attack targets, which can lead to data leakage, service interruption, system crash, data tampering, and illegal access.
Affected OS: Windows, Linux, Others
Reference:
Solutions
1. Scan the server file system to ensure that there are no hacker tools and related malicious files. 2. Complete system backup to ensure server data security. 3. Harden the security of the server, restrict access permissions, install firewalls, and use secure access control lists.