Imperva Cyber Community

Expand all | Collapse all

Smallshell ASP Webshell Upload Detection

  • 1.  Smallshell ASP Webshell Upload Detection

    Posted 06-01-2020 04:04
    Hi Guys,

    Would like to know are Imperva WAF protect the small shell detection?

    As one of our client IPS is detected a webshell upload detection. 

    and we are curious that will imperva protect this type of violation?

    What is the method or signature will be used for this protection?

    Tried to search with the hash value provide by client on the signature tab, but seem not included.

    Just would like to confirm are the appliances will protect over this violation?
    If yes, what is the method used by Imperva.

    the hash value is as below.
    8c46d4b08d36e1f0ef8694024161ecb70eda55ecbefb89401d54a3901ea94957
    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Michael Cheng
    Ensign InfoSecurity (M) Sdn Bhd
    Bukit Jalil
    ------------------------------


  • 2.  RE: Smallshell ASP Webshell Upload Detection

    Impervian
    Posted 06-01-2020 05:08
    Hi Michael,

    There is a policy named as "Malicious File Upload", it may help you with some modification regarding your case. The details of the policy are below:



    ------------------------------
    cezmi çal
    technical expert
    Barikat Cyber Security
    ------------------------------