From the course: Kali Linux for Advanced Pen Testing and Ethical Hacking
Join today to access over 24,900 courses taught by industry experts.
Exploring Kali webshells - Linux Tutorial
From the course: Kali Linux for Advanced Pen Testing and Ethical Hacking
Exploring Kali webshells
- [Tutor] One of the more important categories of shells are those that can be activated via the web. If we have the opportunity to upload a file to a website, we can then use this to activate the shell remotely via the URL. If the service supports the active code, it will pop a shell in place. If it doesn't support the active code, then it will just display a panel asking whether to open or save the file. Because different targets will have different forms of active code, you need to have as many web shells available as possible. Kali provides a number of web shells to support the various active code options. Let's take a look at them. LS /user/share/webshells. Here we can see folders for ASP, ASPX, CFM, JSP, Perl, and PHP. The different variants of the same basic shell approach. We also have the Laudanum repository of web shells to be used in conjunction with SQL injections. A popular form of active content is PHP.…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.