A Good Shell is Hard to -Find- Choose presented at corncon 2017

by Killian Ditch,

Summary : [30 minutes] Given the plethora of remote command shell payloads out there, how does one decide which to use? Should an initial foothold such as a webshell be upgraded to an interactive shell; if so, why and how? Perhaps a Meterpreter payload would be best. That decision then leads to the following question of should it be a standard Windows or Linux Meterpreter payload? Maybe it should be a PHP or Java Meterpreter instead. This talk will discuss the various differences in the aforementioned options among others, with the goal being to impart an understanding of which payloads may be best suited for which situations and why. Many of the assorted options will be demonstrated in scenarios derived from situations encountered in real penetration tests to exemplify the need for the ability to differentiate between payloads.