Web shell

A Web shell is a script that can be uploaded to a web server to enable remote administration of the machine. A web shell can be written in any language that the target web server supports.^[1] The most commonly observed web shells are written in languages that are widely supported, such as PHP and ASP. Perl, Ruby, Python, and Unix shell scripts are also used. Once successfully uploaded, an adversary can use the web shell to leverage other exploitation techniques to escalate privileges and to issue commands remotely. These commands are directly linked to the privilege and functionality available to the web server and may include the ability to add, delete, and execute files as well as the ability to run shell commands, further executables, or scripts.^[2][3]

1. ↑ Wrench, P. M.; Irwin, B. V. W. (1 August 2015). "Towards a PHP webshell taxonomy using deobfuscation-assisted similarity analysis". 2015 Information Security for South Africa (ISSA). pp. 1–8. doi:10.1109/ISSA.2015.7335066. ISBN 978-1-4799-7755-0. S2CID 10056400. Retrieved 17 February 2019 – via IEEE Xplore.
2. ↑ US Department of Homeland Security. "Web Shells – Threat Awareness and Guidance". www.us-cert.gov. Retrieved 20 December 2018. This article incorporates text from this source, which is in the public domain.
3. ↑ admin (3 August 2017). "What is a Web shell?". malware.expert. Retrieved 20 December 2018.