Web shell

A web shell is a shell-like interface that facilitates remote access to a web server, commonly exploited for cyberattacks. Unlike traditional shells, it is accessed via a web browser, making it a versatile tool for malicious activities.

Web shells can be coded in any programming language supported by a server, with PHP being the most prevalent due to its widespread use in web applications. Other languages, such as Active Server Pages, ASP.NET, Python, Perl, Ruby, and Unix shell scripts, are also employed.

Attackers identify vulnerabilities often in web server application using network monitoring tools, which can be exploited to deploy a web shell.

Once installed, a web shell allows attackers to execute shell commands, perform privilege escalation, and manage files by uploading, deleting, downloading, or executing them on the server.

This article is issued from Wikipedia. The text is available under Creative Commons Attribution-Share Alike 4.0 unless otherwise noted. Additional terms may apply for the media files.