WebShell

PHP WebShell Malware using Image Files

WebShell is a file that is uploaded to a web server which runs file navigation or system shell commands. The attacker can use the web browser to navigate through the files of the server system and issue shell commands. Certain file extensions for uploaded files can be restricted to prevent malicious WebShell files from being uploaded to the server; however, the attacker can bypass such actions with the following method: Upload a file that bypasses the Server-Side Script’s file extension…