Jump to content

Shell shoveling

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Citation bot (talk | contribs) at 06:38, 4 December 2020 (Alter: url. URLs might have been internationalized/anonymized. | You can use this bot yourself. Report bugs here. | Suggested by AManWithNoPlan | All pages linked from cached copy of User:AManWithNoPlan/sandbox2 | via #UCB_webform_linked 755/4703). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Shell shoveling, in network security, refers to the act of redirecting the input and output of a shell to a service so that it can be remotely accessed.[1]

In computing, the most basic method of interfacing with the operating system is the shell. On Microsoft Windows based systems, this is a program called cmd.exe or COMMAND.COM. On Unix or Unix-like systems, it may be any of a variety of programs such as bash, ksh, etc. This program accepts commands typed from a prompt and executes them, usually in real time, displaying the results to what is referred to as standard output, usually a monitor or screen.

In the shell shoveling process, one of these programs is set to run (perhaps silently or without notifying someone observing the computer) accepting input from a remote system and redirecting output to the same remote system; therefore the operator of the shoveled shell is able to operate the computer as if they were present at the console.[2]

References

  1. ^ "'Inside-out' security", InfoWorld, vol. 22, no. 12, p. 49, March 20, 2000
  2. ^ Tipton, Harold F.; Krause, Micki (2007), Information Security Management Handbook (6th ed.), CRC Press, p. 2839, ISBN 978-1-4200-1358-0
Retrieved from "https://en.wikipedia.org/w/index.php?title=Shell_shoveling&oldid=992242028"