Skip to content

NXNJZ

Linux and Security

  • BLOG
  • Cowsay Fortune
  • Contact
  • Gitlab
  • Company Homepage

Tag: webshells

WebShells

Posted on June 20, 2018 - August 20, 2018 by nxnjz

Basics

If you don’t understand what a shell is, click here.

A webshell is usually a web page that allows the user Operating System control, usually via a command line.

Many webshells also provide a graphical interface for ease of use.

You should only use a webshell when more conventional access, like SSH or the almost obsolete Telnet, is not available.

Some may work better than others, some may not work at all depending on the security measures employed by the target.

Watch out for webshells that are backdoored. While webshells are usually considered backdoors themselves, many of them will “phone home”, letting someone (whoever put the backdoor in place, usually the developer) know that they have been executed. That person may then use the backdoor themself for nefarious purposes.  So make sure you look at the code before using a webshell, or look at HTTP traffic generated upon execution of the file. The latter will not necessarily show the existence of the backdoor in your shell. The files listed below are from reputable sources only, so you may trust them.

 

WebShells

 

    • Laudanum at github: A collection of webshells in different languages.
    • Antak PowerShell Aspx: Simple and works very well.
    • WeBaCoo: Perl script for generating php backdoors, also allows to connect to a backdoor from your terminal for terminal-like access.
    • Weevely:  Powerful python script for generating backdoors, connecting to them, and running different modules to help with many tasks.

 

 

Posted in Web-ShellsTagged asp, aspx, backdoor, php, shell, web, webshellsLeave a comment

Recent Posts

  • CVE-2021-42052 full disclosure
  • How to Set Up an Interactive SSH Honeypot on CentOS 8.
  • HackTheBox.eu Jarvis Writeup
  • How to setup a simple proxy server with tinyproxy (Debian 10 Buster)
  • How to Install qdPM 9.1 on Debian 10 LEMP

Tags

802.11 ampache apache aspx bash cd centos cms crm cve debian exploits fedora fulldisclosure hackthebox honeypot http httpd ifconfig iw iwconfig labs lfi linux mariadb memory monit music nginx pastebin php privatebin privesc project management proxy reconnoitre selinux shopt ssh systemd txpower ubuntu wallabag wireless xxe

Categories

  • BASH (1)
  • CTF/Labs (2)
  • CVE / full disclosure (1)
  • Information Gathering (1)
  • Linux (25)
  • Password Cracking (1)
  • Privilege Escalation (2)
  • SQL Injection (1)
  • Web-Shells (1)
  • Wifi (2)
  • XXE (1)

Recent Comments

  • Bernard Martiny on How to Install PrivateBin on Ubuntu 18.04 LTS
  • VuCSA on List of security labs/challenges/CTFs
  • Brian on How to Install PrivateBin on Fedora 29.
  • Tyreeb on Installing Ampache on CentOS 7.
  • Christian Mora on Installing Ampache on CentOS 7.