☑️Introduction

Shells Jack Us In, Payloads Deliver Us Shells

A shell is a program that provides a computer user with an interface to input instructions into the system and view text output (for example, Bash or PowerShell).

Why get a shell? A shell gives us direct access to the OS, system commands, and file system. Establishing a shell also allows us to maintain persistence on the system, giving us more time to work.

Another significant benefit of becoming skilled with command-line interfaces is that they can be harder to detect than graphical shells, make navigating the OS faster, and make it easier to automate our actions.

Here are some different perspectives of what a shell is:

| Perspective | Description |
| --- | --- |
| Computing | The text-based userland environment that is utilized to administer tasks and submit instructions on a PC. Think Bash, Zsh, cmd, and PowerShell. |
| Exploitation & Security | A shell is often the result of exploiting a vulnerability or bypassing security measures to gain interactive access to a host. An example would be triggering EternalBlue on a Windows host to gain access to the cmd-prompt on a host remotely. |
| Web | This is a bit different. A web shell is much like a standard shell, except it exploits a vulnerability (often the ability to upload a file or script) that provides the attacker with a way to issue instructions, read and access files, and potentially perform destructive actions to the underlying host. Control of the web shell is often done by calling the script within a browser window. |

The term payload is likewise defined differently depending on the perspective:

  • Networking: The encapsulated data portion of a packet traversing modern computer networks.

  • Basic Computing: A payload is the portion of an instruction set that defines the action to be taken, with headers and protocol information removed.

  • Programming: The data portion referenced or carried by the programming language instruction.

  • Exploitation & Security: A payload is code crafted with the intent to exploit a vulnerability on a computer system. The term payload can describe various types of malware, including but not limited to ransomware.
