'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

mal_webshell_msc: php_webshell_upload_sensitive_func(Rule ID:1090410044)

Release Date2025/9/15

Rule NamePHP Webshell Upload (Sensitive Functions)

Severity:high

CVE ID

 

Descripiton

WebShell is a kind of command execution envrionment which is in the form of Web page files like asp, php, jsp, cgi, etc. WebShell is also known as backdoor of websites because it helps to obtain a certain operation permissions to Web servers. WebShell can not only be used to manage websites and Web servers for administrators, but also be used by invaders to control Web server maliciously. This rule detects the upload of PHP Webshell files. This rule supports to defend the A7: Identification and Authentication Failures of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.