Reverse WWW Shell (HTTP)

• Allows an attacker to remotely access a victim machine with a command-line prompt
• A Reverse WWW Shell server and Perl interpreter must be installed on the victim machine
• A Reverse WWW Shell master software and Perl interpreter must be installed on the attacker’s machine
• Can sneak past firewall
• Perl code available at http://thc.pimmel.com
• Every minute, Reverse WWW Shell server will contact the master to retrieve commands issued by the attacker
• Reverse WWW Shell server executes the commands, sends the results to Reverse WWW Shell master (via http request), and retrieves the next command (via http reply)
• Victim machine appears to be a web client sending HTTP Get commands while attacker’s machine appears to be a web server