Shells Overview

Introduction

Shells in cyber security are widely used by attackers to remotely control systems, making them an important part of the attack chain. In this room, we'll explore different shells used in offensive security, the differences between them, and their use cases. This knowledge can help enhance penetration testing and exploitation skills and also help us understand how to detect when a remote shell is being used by an attacker within an organization.

Learning Objectives

In this room, we'll cover the following learning objectives:

• Understand Shells in Offensive Security 
• Set Up and Use Reverse and Bind Shells
• Deploy Web Shells 

Room Prerequisites

An understanding of the following topics is recommended before starting the room:

• Basic Understanding of Networking
• Fundamental Knowledge of Web Application Security
• Basic Command Line Proficiency
• Familiarity with scripting languages like Bash, Python, or PHP

Caveats

The use of Metasploit or other Frameworks that generate or interact with shells has been intentionally left behind from this room. This is to focus on understanding how shells work without the use or assistance of a tool to either set up or generate a shell. Also, for this room, we'll use Linux OS for all the examples.

Starting the Machine

Start the lab by clicking the Start Machine button. It will take around 2 minutes to load properly. The VM will be accessible on the right side of the split screen. In case the VM is not visible, use the blue Show Split View button at the top of the page. 

Since we are practicing with shells that have remote access, we can use the AttackBox by clicking on the Start AttackBox button on the top left to emulate the target machine or use your machine connected to the VPN.