[Owasp-modsecurity-core-rule-set] modsecurity not detecting php reverse shell

Sabin Ranjit think.sabin at gmail.com
Thu Feb 26 11:31:49 UTC 2015


hi,
I implemented modsecurity and clamav in a server, and used rules,
 modsecurity_crs_46_av_scanning.conf
modsecurity_crs_45_trojans.conf

The found out during upload of php-reverse-shell.php file clamav wont
detect it as a malware and modsecurity wont block it. similarly the
modsecurity_crs_45_trojans.conf wont detect it.

Is there any way I can detect reverse-shell files and similar malware??

Many thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20150226/33a57163/attachment.html>


More information about the Owasp-modsecurity-core-rule-set mailing list