[SANS ISC Diary] The Power of Web Shells

I published the following diary on “The Power of Web Shells“.

Web shells are not new in the threats landscape. A web shell is a script (written in PHP, ASL, Perl, … – depending on the available environment) that can be uploaded to a web server to enable remote administration. If web shells are usually installed for good purposes, many of them are installed on compromised servers. Once in place, the web shell will allow a complete takeover of the victim’s server but it can also be used to pivot and attack internal systems… [Read more]


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.