Login
| Title | Size | Downloads |
|---|---|---|
| V7-WAF-1.0.37.dat | 2.14 MB |
Version number
V7-WAF-1.0.37
MD5 number
41cf4914be3046ff1d6180c3b8a7d732
Update time
2024-12-25
Update attack list
Key new rules:
------------------------------
49441 WEB_SERVER_WEBSHELL_JspSpy_Communication_Behavior
---- Category: Vulnerability
---- Description:
---- The WebShell Trojan is a malicious attack on the network server. When executing the code in the Trojan, it can steal server data or obtain server administrator rights. The attacker uploads the webshell Trojan horse to the target website directory by means of file inclusion and file upload to attack websites. If this rule is matched, the WEB server is detected to be implanted with JspSpy WebShell Trojan.
49445 Backdoor_WebShell_Skyscorpion_Connect_Attempt
---- Category: Vulnerability
---- Description:
---- The attacker attempts to connect to the server by uploading the Behinder to control the web server (you can upload and download files, view the database, execute arbitrary program commands, etc.)
49450 Phpsploit_Webshell_Communication
---- Category: Vulnerability
---- Description:
---- Phpsploit is a post penetration exploitation tool that allows attackers to maintain access links with target hosts (such as compromised web servers) and implement authorization operations.
49477 Try_to_bypass_the_Webshell_file_upload(confused_php_Trojan_using_urldecode)
---- Category: Vulnerability
---- Description:
---- Webshell is a code execution environment in the form of asp, php, jsp, cgi and other web files. If Webshell is used by attackers, it can lead to the website server being charged, resulting in major security accidents. An attacker usually obtains Webshells through file upload vulnerabilities, but can also write webshells through remote command execution vulnerabilities or SQL injections. This use case simulates uploads using urldecode obfuscated php trojans to verify the security device's ability to detect Webshell upload attacks.
