|
Web Shell
A web shell is a Shell (computing), shell-like interface that enables a web server to be remotely accessed, often for the purposes of cyberattacks. A web shell is unique in that a web browser is used to interact with it. A web shell could be programmed in any programming language that is supported on a server. Web shells are most commonly written in PHP due to the widespread usage of PHP for web applications. Though Active Server Pages, ASP.NET, Python (programming language), Python, Perl, Ruby (programming language), Ruby, and Unix shell scripts are also used. Using Network monitoring#Notable network monitoring tools, network monitoring tools, an attacker can find Vulnerability (computing), vulnerabilities that can potentially allow delivery of a web shell. These vulnerabilities are often present in applications that are run on a web server. An attacker can use a web shell to issue shell commands, perform privilege escalation on the web server, and the ability to upload, File d ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Shell (computing)
An operating system shell is a computer program that provides relatively broad and direct access to the system on which it runs. The term ''shell'' refers to how it is a relatively thin Abstraction layer, layer around an operating system. A shell is generally a command-line interface (CLI) program although some graphical user interface (GUI) programs are arguably classified as shells too. Overview Operating systems provide various services to their users, including File manager, file management, Process (computing), process management (running and terminating Application program, applications), batch processing, and operating system monitoring and configuration. Most operating system shells are not ''direct'' interfaces to the underlying Kernel (operating system), kernel, even if a shell communicates with the user via peripheral devices attached to the computer directly. Shells are actually special applications that use the kernel API in just the same way as it is used by ot ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Execution (computing)
Execution in computer and software engineering is the process by which a computer or virtual machine interprets and acts on the instructions of a computer program. Each instruction of a program is a description of a particular action which must be carried out, in order for a specific problem to be solved. Execution involves repeatedly following a " fetch–decode–execute" cycle for each instruction done by the control unit. As the executing machine follows the instructions, specific effects are produced in accordance with the semantics of those instructions. Programs for a computer may be executed in a batch process without human interaction or a user may type commands in an interactive session of an interpreter. In this case, the "commands" are simply program instructions, whose execution is chained together. The term run is used almost synonymously. A related meaning of both "to run" and "to execute" refers to the specific action of a user starting (or ''launching'' or ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
File Inclusion Vulnerability
A file inclusion vulnerability is a type of web vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. A file include vulnerability is distinct from a generic directory traversal attack, in that directory traversal is a way of gaining unauthorized file system access, and a file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application. An attacker can use remote code execution to create a web shell on the web server, which can be used for website defacement. Types of Inclusion Remote file inclusion Remote file inclusion (RFI) occurs when the web application downloads a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
WordPress
WordPress (WP, or WordPress.org) is a web content management system. It was originally created as a tool to publish blogs but has evolved to support publishing other web content, including more traditional websites, electronic mailing list, mailing lists, Internet forum, Internet forums, media galleries, membership sites, learning management systems, and shopping cart software, online stores. Available as free and open-source software, free and open-source software, WordPress is among the most popular content management systems – it was used by 22.52% of the top one million websites . WordPress is written in the PHP programming language and paired with a MySQL or MariaDB database. Features include a plug-in (computing), plugin architecture and a web template system, template system, referred to within WordPress as "Themes". To function, WordPress has to be installed on a web server, either as part of an Internet hosting service or on a personal computer. WordPress was first ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Content Management System
A content management system (CMS) is computer software used to manage the creation and modification of digital content ( content management).''Managing Enterprise Content: A Unified Content Strategy''. Ann Rockley, Pamela Kostur, Steve Manning. New Riders, 2003. It is typically used for enterprise content management (ECM) and web content management (WCM). ECM typically supports multiple users in a collaborative environment, by integrating document management, digital asset management, and record retention. Alternatively, WCM is the collaborative authoring for websites and may include text and embed graphics, photos, video, audio, maps, and program code that display content and interact with the user. ECM typically includes a WCM function. Structure A CMS typically has two major components: a content management application (CMA), as the front-end user interface that allows a user, even with limited expertise, to add, modify, and remove content from a website without the interve ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Nginx
(pronounced "engine x" , stylized as NGINX or nginx) is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Russian developer Igor Sysoev and publicly released in 2004. Nginx is free and open-source software, released under the terms of the 2-clause BSD license. A large fraction of web servers use Nginx, often as a load balancer. A company of the same name was founded in 2011 to provide support and ''NGINX Plus'' paid software. In March 2019, the company was acquired by F5 for $670 million. Popularity , W3Tech's web server count of all web sites ranked Nginx first with 33.8%. Apache was second at 26.4% and Cloudflare Server third at 23.4%. , Netcraft estimated that Nginx served 20.11% of the million busiest websites with Cloudflare a little ahead at 22.99%. Apache at 17.83% and Microsoft Internet Information Services at 4.16% rounded out the top four servers for the busiest websites. Some o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SQL Injection
In computing, SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. Document-oriented NoSQL databases can also be affect ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
China Chopper
China Chopper is a web shell approximately 4 kilobytes in size, first discovered in 2012. This web shell is commonly used by malicious Chinese actors, including advanced persistent threat (APT) groups, to remotely control web servers. This web shell has two parts, the client interface (an executable file) and the receiver host file on the compromised web server. China Chopper has many commands and control features such as a password brute-force attack option, code obfuscation, file and database management and a graphical user interface. It originally was distributed from a website www.maicaidao.com which is now down. FireEye revealed that the client of this web shell is programmed in Microsoft Visual C++ 6.0 China Chopper was used in attacks against eight Australian web hosting providers which were compromised due to their use of an unsupported operating system (Windows Server 2008). Hackers connected the web servers to a Monero mining pool, by which they mined about 3868 AUD wor ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Malware
Malware (a portmanteau of ''malicious software'')Tahir, R. (2018)A study on malware and malware detection techniques . ''International Journal of Education and Management Engineering'', ''8''(2), 20. is any software intentionally designed to cause disruption to a computer, server (computing), server, Client (computing), client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types (i.e. computer viruses, Computer worm, worms, Trojan horse (computing), Trojan horses, logic bombs, ransomware, spyware, adware, rogue software, Wiper (malware), wipers and keyloggers). Malware poses serious problems to individuals and businesses on the Internet. According to NortonLifeLock, Symantec's 2018 Internet Security Threat Report (ISTR), malware variants number has increased to 66 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Botnet
A botnet is a group of Internet-connected devices, each of which runs one or more Internet bot, bots. Botnets can be used to perform distributed denial-of-service attack, distributed denial-of-service (DDoS) attacks, steal data, send Spamming, spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "Computer network, network". The term is usually used with a negative or malicious connotation. Overview A botnet is a logical collection of Internet-connected devices, such as computers, smartphones or Internet of things (IoT) devices whose Computer security, security have been breached and control ceded to a third party. Each compromised device, known as a "bot," is created when a device is penetrated by software from a ''malware'' (malicious software) distribution. The controller of a botnet is able to direct the activities of these comp ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Denial-of-service Attack
In computing, a denial-of-service attack (DoS attack) is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. The range of attacks varies widely, spanning from inundating a server with millions of requests to slow its performance, overwhelming a server with a substantial amount of invalid data, to submitting requests with an illegitimate IP address. In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. More sophisticated strategies are required to mitigate this type of attack; simply attempting to block a single source is insuffic ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
