CAPEC-650: Upload a Web Shell to a Web Server
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
By exploiting insufficient permissions, it is possible to upload a web shell to a web server in such a way that it can be executed remotely. This shell can have various capabilities, thereby acting as a "gateway" to the underlying web server. The shell might execute at the higher permission level of the web server, providing the ability the execute malicious code at elevated levels.
前提条件
- The web server is susceptible to one of the various web application exploits that allows for uploading a shell file.
后果影响
影响范围: Confidentiality
技术影响: Read Data
影响范围: Confidentiality Access Control Authorization
技术影响: Gain Privileges
影响范围: Confidentiality Integrity Availability
技术影响: Execute Unauthorized Commands
缓解措施
Make sure your web server is up-to-date with all patches to protect against known vulnerabilities.
Ensure that the file permissions in directories on the web server from which files can be execute is set to the "least privilege" settings, and that those directories contents is controlled by an allowlist.
分类映射
| 分类名称 | 条目ID | 条目名称 |
|---|---|---|
| ATTACK | 1505.003 | Server Software Component:Web Shell |