Intrusion Prevention



This indicates an attempt to use Twoface web shell.
A web shell is a malicious script, acting as a backdoor, that can be uploaded to a web server to enable remote administration of the machine. Web shells are often installed by attackers through web application vulnerabilities or configuration weaknesses.

Affected Products

Any compromised server


System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Remove the malicious file from the server.