'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

mal_webshell_msc: behinder4_jsp_file_upload_xor(Rule ID:1090410093)

Release Date2025/9/15

Rule NameBehinder4 jsp webshell File upload(AES)

Severity:critical

CVE ID

 

Descripiton

WebShell is a kind of command execution envrionment which is in the form of Web page files like asp, php, jsp, cgi, etc. WebShell is also known as backdoor of websites because it helps to obtain a certain operation permissions to Web servers. WebShell can not only be used to manage websites and Web servers for administrators, but also be used by invaders to control Web server maliciously.Behinder is a very popular Webshell client, which establishes an encrypted tunnel in the HTTP protocol to avoid detection by security devices.This rule supports to defend the A7: Identification and Authentication Failures of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.