This repository has been archived by the owner on Apr 9, 2024. It is now read-only.
T1100 - Web Shell #25
Labels
Comments
daniel-infosec
added
enhancement
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
A Web shell is a Web script that is placed on an openly accessible Web server to allow an adversary to use the Web server as a gateway into a network. A Web shell may provide a set of functions to execute or a command-line interface on the system that hosts the Web server. In addition to a server-side script, a Web shell may have a client interface program that is used to talk to the Web server (see, for example, China Chopper Web shell client). [1]
Web shells may serve as Redundant Access or as a persistence mechanism in case an adversary's primary access methods are detected and removed.
References
https://github.com/redcanaryco/atomic-red-team/tree/master/atomics/T1100/shells
https://github.com/BlackArch/webshells
Plan
Either enumerate technology or have engineer specify path/payload
The text was updated successfully, but these errors were encountered: