Web Shell definition in Cybersecurity

A Web Shell is a malicious script or program that enables remote administration of a web server. Attackers deploy web shells on compromised web servers to gain persistent access and control, allowing them to execute commands, steal data, and further exploit the compromised system.

Notable Incidents

  1. 2015 U.S. Office of Personnel Management (OPM) breach
  2. 2019 UN Web Shell Attack

How to Protect Your Network against Web Shell

  1. Regularly scan web servers for vulnerabilities and unauthorized file changes.
  2. Implement strict file upload controls and permissions.