An intruder places code on a compromised server that permits system-level commands via a browser-based interface. Which tactic is enabling them to maintain this interactive access?
Malicious macros embedded in an office file
A social engineering effort exploiting user trust
A Trojan that captures user keystrokes from compromised endpoints
A web shell leveraging the server’s HTTP service to run OS commands
A web shell uses a script running on the server to provide a remote interface through HTTP requests, allowing the attacker to issue operating system commands. Malicious macros typically require a user to open a file, which does not yield an interactive console over a browser. Social engineering focuses on tricking users into revealing information, not giving direct system commands. A Trojan with keylogging capabilities gathers keystrokes, whereas a web shell lets the attacker run commands on the compromised machine.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a web shell and how does it work?
Open an interactive chat with Bash
How does a web shell compare to other types of malware?
Open an interactive chat with Bash
What steps can be taken to detect and remove a web shell?