'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

mal_webshell_msc:China_Chopper(Rule ID:1090410000)

Release Date2025/9/15

Rule NameChina Chopper Webshell Attack Attempt - JSP

Severity:high

CVE ID

 

Descripiton

WebShell is a kind of command execution envrionment which is in the form of Web page files like asp, php, jsp, cgi, etc. WebShell is also known as backdoor of websites because it helps to obtain a certain operation permissions to Web servers. WebShell can not only be used to manage websites and Web servers for administrators, but also be used by invaders to control Web server maliciously. China Chopper is a powerful management tools of websites, which may be used to carry out WebShell attacks. This rule inspects JSP code in HTTP request to find out and prevent WebShell attack attempt. This rule supports to defend the A7: Identification and Authentication Failures of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.