Literally speaking, Baidu Encyclopedia is a shell script program for web pages; the original webshell is an application script written in various languages (asp, jsp, php, etc.) to manage and control the web server, which can be used in the web front end The back-end executes special commands, and later webshells gradually become more flavorful and are used by hackers for malicious purposes. Most of them are "backdoor" files implanted in the background of the website. Many malicious operations can be performed by webshell.
Webshall type:
one-sentence Trojan horse, small horse, Malaysia
one-sentence Trojan horse: the code is very short, usually only one sentence; it is easy to use, it can be inserted to execute the file and it is not easy to detect; there are many distortions, and it is difficult to detect and kill; the basic execution logic is not Will change;
Malaysia: large, full-featured, able to manage databases, file management, fast collection of information on the site, and even able to escalate rights;
Xiaoma is generally the door key for Malaysia, and Xiaoma passes the authority for Malaysia.
Classic Word Trojan Horse
Chinese Ant Sword
Get the flag.
Here, Ant Sword has its one-sentence Trojan horse.
Notes
Link: How does a one-sentence Trojan (webshell) execute commands?