Web Shells

A web shell is a browser-based shell session we can use to interact with the underlying operating system of a web server.

  • Most web shells are obtained by uploading a payload written in a web language to the target server.

  • The payload(s) we upload should give us remote code execution capability within the browser.

  • In many cases a web shell is the initial way of gaining remote code execution via a web application and of achieving persistence on the system; we can then use it to upgrade later to a more interactive reverse shell.

Considerations when dealing with Web Shells

  • Web apps can sometimes automatically delete files after a defined period of time

  • Limited interactivity with the OS in terms of:

    • navigating the file system

    • downloading and uploading files

    • chaining commands together might not work (whoami && hostname)

    • instability, because the web shell is non-interactive
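
Because a web shell is an uploaded script that receives OS commands through browser requests, its use leaves traces in the web server's access log. The following Python is an added example, not part of the original notes: it flags such requests in constructed sample log lines, and the `/uploads/` path, the `cmd` parameter and the command pattern are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (Common Log Format), not from a real server.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "POST /upload.php HTTP/1.1" 200 512
203.0.113.7 - - [10/Mar/2024:10:00:09 +0000] "GET /uploads/avatar.php?cmd=whoami HTTP/1.1" 200 34
203.0.113.7 - - [10/Mar/2024:10:00:15 +0000] "GET /uploads/avatar.php?cmd=whoami%20%26%26%20hostname HTTP/1.1" 200 51
198.51.100.4 - - [10/Mar/2024:10:01:00 +0000] "GET /uploads/cat.jpg HTTP/1.1" 200 20480
198.51.100.4 - - [10/Mar/2024:10:01:05 +0000] "GET /index.php?page=2 HTTP/1.1" 200 4096
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SCRIPT_EXT = (".php", ".phtml", ".jsp", ".asp", ".aspx")  # server-side script types
UPLOAD_DIRS = ("/uploads/",)                              # assumed user-writable path
CMD_RE = re.compile(r"\b(whoami|hostname)\b|&&")          # illustrative, extend per site


def find_webshell_hits(log_text):
    """Return requests that look like interaction with an uploaded web shell."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, method, target, status = m.groups()
        url = urlsplit(target)
        path = url.path.lower()
        reasons = []
        # A script being served from an upload directory is the core signal.
        if path.startswith(UPLOAD_DIRS) and path.endswith(SCRIPT_EXT):
            reasons.append("script-in-upload-dir")
        # parse_qsl percent-decodes values, so an encoded "&&" is still seen.
        if any(CMD_RE.search(value) for _, value in parse_qsl(url.query)):
            reasons.append("os-command-in-param")
        if reasons:
            hits.append({"client": client, "method": method, "path": url.path,
                         "status": int(status), "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in find_webshell_hits(SAMPLE_LOG):
        print(hit)
```

Commands sent in a POST body do not appear in an access log, so the script-in-upload-dir signal carries more weight than the parameter match.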
