TryHackMe — Shells Overview | Cyber Security 101 (THM)

Shell Overview

A shell is software that enables user interaction with an OS, typically through a command-line interface. In cybersecurity, it often refers to a shell session an attacker uses to access a compromised system, allowing them to execute commands and run software.

Common Activities in Cybersecurity:

• Remote System Control: Execute commands or software remotely on the target system.
• Privilege Escalation: Explore ways to gain elevated or administrative access if initial shell access is limited.
• Data Exfiltration: Read and copy sensitive data once command execution is possible.
• Persistence and Maintenance Access: Create user accounts, use credentials, or install backdoors for continued access to the system.
• Post-Exploitation Activities: Deploy malware, create hidden accounts, or delete data after shell access is granted.
• Access Other Systems on the Network: Use the compromised shell to pivot to other targets within the network.

Answer the questions below

1. What is the command-line interface that allows users to interact with an operating system?
   Shell
2. What process involves using a compromised system as a launching pad to attack other machines in the network?
   Pivoting
3. What is a common activity attackers perform…