kids encyclopedia robot

Web shell facts for kids

Kids Encyclopedia Facts
B374k 2.8 shell running on a Linux server
A b374k 2.8 shell running on a Linux server
An example of what a fake error page might look like in a WSO web shell
An example of what a fake error page might look like in a WSO web shell.

A Web shell is a script that can be uploaded to a web server to enable remote administration of the machine. A web shell can be written in any language that the target web server supports. The most commonly observed web shells are written in languages that are widely supported, such as PHP and ASP. Perl, Ruby, Python, and Unix shell scripts are also used. Once successfully uploaded, an adversary can use the web shell to leverage other exploitation techniques to escalate privileges and to issue commands remotely. These commands are directly linked to the privilege and functionality available to the web server and may include the ability to add, delete, and execute files as well as the ability to run shell commands, further executables, or scripts.

Examples of Web shells

Web shells such as China Chopper, WSO, C99 and B374K are frequently chosen by adversaries; however these are just a small number of known used web shells.

  • b374k – A web shell written in PHP with abilities such as monitoring processes & command execution. The latest version of the b374k shell is 3.2.3.
  • C99 – A version of the WSO shell with additional functionality. Can display the server’s security measures and contains a self-delete function.
  • China Chopper – A small web shell packed with features. Has several command and control features including a password brute force capability.
  • WSO – Stands for “web shell by orb” and has the ability to masquerade as an error page containing a hidden login form.
  • Web shells can be as short as just one line of code.

<?=`$_GET[1]`?> Web shell of size 15 bytes.

Delivery tactics

Web shells can be delivered through a number of web application exploits or configuration weaknesses such as:

  • Cross-site scripting
  • SQL injection
  • Vulnerabilities in applications/services (such as WordPress or other CMS applications)
  • File processing vulnerabilities (such as upload filtering or assigned permissions)
  • Remote file inclusion (RFI) and local file influsion (LFI) vulnerabilities
  • Exposed admin interfaces

Images for kids

  • B374k shell running on windows 7 ultimate edition server

    A b374k shell running on a Windows 7 Ultimate Edition server.

kids search engine
All content from Kiddle encyclopedia articles (including the article images and facts) can be freely used under Attribution-ShareAlike license, unless stated otherwise. Cite this article:
Web shell Facts for Kids. Kiddle Encyclopedia.