Beginners guide to a web shell

Hello, aspiring ethical hackers. In this blogpost, you will learn about web shells. In our previous blogpost, you learnt what a shell is, what it does and the types of shells. A web shell is a type of shell, but one that is used in relation to websites and web servers.

What is a web shell?

A web shell is a type of shell that gives an attacker access to a website or web server. It is usually uploaded after the website has already been compromised, as a means of keeping persistent access to the website in future.

Web shells have various features. The most important of them are:

  1. Persistent access.
  2. Uploading additional files to the web server.
  3. Downloading files from the web server.
  4. Executing additional scripts on the web server.
  5. Dumping databases of the web server.
  6. Pivoting to other devices on the network.
  7. Privilege escalation etc.

We can say that once a web shell is uploaded to the website, it gives complete control over the website to the attackers.

How are web shells uploaded?

Some vulnerabilities and attacks allow hackers to upload web shells to a website and keep persistent access. Some of them are:

1. File upload vulnerabilities:

File upload or Remote file inclusion (RFI) vulnerabilities allow attackers to upload arbitrary files to the web servers. These arbitrary files are most probably web shells.

2. Path traversal vulnerabilities:

In some cases, path traversal or Local File Inclusion (LFI) vulnerabilities also allow attackers to upload web shells.

3. XSS vulnerability:

It is not just file inclusion vulnerabilities: even cross-site scripting (XSS) vulnerabilities in some cases allow web shells to be uploaded.

4. Password cracking:

After the password of the website is successfully cracked, attackers can upload web shells to a website for future access.
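Whichever route is used, the result on disk is the same: a server-side script sitting where only user content should be. The following Python sketch is an added example, not part of the original post; it walks a web root and flags files in upload directories that carry a script extension (including double extensions) or a server-side script tag. The directory names, extension list and sample files are assumptions constructed for illustration.

```python
import pathlib
import re
import tempfile

# Assumptions for this example (not from the post): the extensions the server
# would execute, and the directories that should hold only user content.
SCRIPT_EXTS = {"php", "phtml", "php5", "asp", "aspx", "jsp", "jspx"}
UPLOAD_DIRS = {"uploads", "media", "avatars"}
SCRIPT_TAG = re.compile(rb"<\?php|<%@\s*page", re.I)


def scan_webroot(root):
    """Return {relative_path: [reasons]} for files an analyst should review."""
    findings = {}
    for path in sorted(pathlib.Path(root).rglob("*")):
        rel = path.relative_to(root)
        in_upload = bool(UPLOAD_DIRS & {p.lower() for p in rel.parts[:-1]})
        if not path.is_file() or not in_upload:
            continue
        reasons = []
        # Check every dot-separated part, so "logo.php.jpg" is caught too.
        if SCRIPT_EXTS & set(path.name.lower().split(".")[1:]):
            reasons.append("script extension in upload directory")
        with open(path, "rb") as fh:
            if SCRIPT_TAG.search(fh.read(1_000_000)):
                reasons.append("server-side script tag in content")
        if reasons:
            findings[rel.as_posix()] = reasons
    return findings


def build_sample(root):
    """Constructed sample tree; the file bodies are inert placeholders."""
    samples = {
        "index.php": b"<?php // site code, outside upload dirs",
        "uploads/cat.jpg": b"\xff\xd8\xff\xe0 constructed jpeg bytes",
        "uploads/report.php": b"constructed placeholder",
        "uploads/2024/logo.php.jpg": b"\xff\xd8\xff\xe0 constructed",
        "uploads/avatar.png": b"\x89PNG <?php // constructed placeholder",
    }
    for rel, body in samples.items():
        path = pathlib.Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(scan_webroot(tmp))
```

A hit is a lead for review, not proof of compromise; the stronger control is to configure the server so that nothing in upload directories is ever executed.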

Types of web shells

Web shells are easily available on the internet. There are various types of web shells, with a variety of features, in various languages. Needless to say, the web shell being uploaded to the website should be written in the same language as the server-side scripting language used on the web server or website. Now, let's study some web shells.

1. Weevely:

Weevely is a web shell designed for post-exploitation, with almost 30 modules to assist in administrative tasks, maintaining access, elevating privileges and spreading over the network. Learn more about it here.

2. Web shells in Kali Linux

Kali Linux itself has some web shells ready to be deployed. Although their functionality is simple, they are quite good for beginners. Learn about them here.

3. Metasploit/MSFvenom

Is there anything Metasploit can’t create? Yes, you can create your own web shell with msfvenom. Learn how.

4. C99 shell

Peering over to the Black Hat side, the C99 shell and its variants are still being used by Black Hat hackers in the real world. Learn more about C99 shell here.
