INTRO
I have wanted to post this article for a long time, but some issues forced me to delay it. I will explain those issues later. Have you ever heard of a reverse shell? You may have, if you have read our previous articles.
The main purpose of a reverse shell is to gain shell access to a system. The reverse shell needs to be executed by the user, and if it somehow gets terminated, it has to be executed again. That can be frustrating.
A web shell can be more persistent than a reverse shell. All you need to do is host it on the web server and use it via its URL. You may run into problems uploading it to the server, though. Uploading is more likely to succeed if the web server has some kind of file upload vulnerability.
But before going further, I would like to suggest some of my previous articles.
Hack a PC with python reverse shell
It would be so great if you would take a look at these posts.
ATTACK
For this tutorial, I am using a PHP7-based web shell. I had a lot of problems with PHP5-based web shells. Besides, the PHP7 module comes with the Apache server, so we won't need to install it. I tried lots of web shells and found this one useful and advanced.
Requirements:
1. Apache server
2. PHP7 module (comes preinstalled with Apache)
3. A Linux operating system (you can use Windows, but there is no guarantee that it will work)
Installation:
Installing this web shell is easy:
∗ First, we need to download the web shell. Copy the whole script from here and paste it into Leafpad:
∗ Now go to /var/www/html/ and save the file there. Give the file a .php extension. For example, I have named mine myshell.php.
∗ This step is not necessary, but if for some reason your web shell is not working, you can try changing the file's permissions:
chmod 775 <your PHP file name>
∗ After that, you can start your web server.
service apache2 start
∗ Now you can visit your web shell from any browser.
Here we have created a situation where we can place the web shell on the server ourselves. You will not always get a situation where you can upload a web shell to a server, but getting the file onto the server is the one thing a web shell needs in order to work.
Change Web-Shell Password
The web shell requires a password to log in. The default password is ghost287, but you can change it manually. To change it, you need the MD5 hash of the new password. For example, I want to change my password to hellolady, so I need to hash it with MD5 and then paste the hash into line 7 of the PHP file.
Web-Shell Console
If you go to the console tab in the web shell, you will be able to run commands. For example, I want to see the network interfaces on that PC, so the command would be ifconfig.
Brute-Force Services
If you see FTP, MySQL or PostgreSQL services on the server, you can even perform a brute-force attack on these services with this web shell.
Network-Tools Web-Shell
In Network tools, you will find a way to get a reverse shell using Perl and C. There are two options: Bind reverse shell and simple back-to reverse shell.
All you need to do is start a listener, and then you can start the reverse shell from the web shell.
To start a listener, type this command:
nc -lvp 1234
I would not recommend running someone else's web shell. If you have written it yourself, there is no problem running it, but someone else's web shell can contain malicious code that lets its maker hack into your system.
There is, however, a tool in Kali Linux that can generate web shells without any problem. I will write about it in my upcoming articles if anyone is curious. If you want me to write about that other web shell, please comment down below.
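The warning above can be turned into a quick static check, either on a downloaded PHP script before hosting it or on what is already sitting in /var/www/html/. The following Python script is an added example, not part of the original article or of the web shell it describes; the indicator list, the function names and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristic indicators (assumptions for this example, not a complete signature set).
# They mirror traits described in the article: a console that runs commands,
# a password stored as a hard-coded MD5 hash, and code hidden from the reader.
INDICATORS = {
    "command_exec": re.compile(rb"\b(?:system|shell_exec|passthru|exec|popen|proc_open)\s*\("),
    "hardcoded_md5": re.compile(rb"""["'][0-9a-fA-F]{32}["']"""),
    "hidden_code": re.compile(rb"\beval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\("),
}

def scan_file(path):
    """Return the sorted names of the indicators found in one file."""
    data = Path(path).read_bytes()
    return sorted(name for name, rx in INDICATORS.items() if rx.search(data))

def scan_webroot(root, min_hits=2):
    """Report PHP files under root that match at least min_hits indicators.

    A single hit is common in legitimate applications, so the default asks
    for a combination before flagging a file for manual review.
    """
    findings = {}
    for path in sorted(Path(root).rglob("*.php")):
        hits = scan_file(path)
        if len(hits) >= min_hits:
            findings[str(path.relative_to(root))] = hits
    return findings

def demo():
    """Scan constructed sample files written to a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample: password gate plus a fixed command (placeholder hash).
        (root / "myshell.php").write_bytes(
            b"<?php $pass = '0123456789abcdef0123456789abcdef';\n"
            b"if (md5($_POST['p']) === $pass) { system('uptime'); } ?>"
        )
        # Constructed sample: ordinary page that should not be reported.
        (root / "index.php").write_bytes(b"<?php echo 'hello'; ?>")
        return scan_webroot(root)

if __name__ == "__main__":
    for name, hits in demo().items():
        print(name, hits)
```

Point `scan_webroot` at the real web root to list candidates for manual review; a match is a reason to read the file, not proof that it is a web shell.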
Stay home, stay safe and keep reading our articles.