{"id":16536,"date":"2024-08-29T10:25:17","date_gmt":"2024-08-29T03:25:17","guid":{"rendered":"https:\/\/interdata.vn\/blog\/?p=16536"},"modified":"2024-11-22T17:09:52","modified_gmt":"2024-11-22T10:09:52","slug":"web-shell-la-gi","status":"publish","type":"post","link":"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/","title":{"rendered":"Web Shell l\u00e0 g\u00ec? H\u01b0\u1edbng d\u1eabn c\u00e1ch ph\u00e1t hi\u1ec7n v\u00e0 kh\u1eafc ph\u1ee5c"},"content":{"rendered":"<p>Web Shell l\u00e0 m\u00e3 \u0111\u1ed9c nguy hi\u1ec3m cho ph\u00e9p tin t\u1eb7c x\u00e2m nh\u1eadp v\u00e0 ki\u1ec3m so\u00e1t <a href=\"https:\/\/interdata.vn\/blog\/web-server\/\">m\u00e1y ch\u1ee7 web<\/a>, t\u1eeb \u0111\u00f3 th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh vi \u0111\u1ed9c h\u1ea1i nh\u01b0 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u hay t\u1ea5n c\u00f4ng h\u1ec7 th\u1ed1ng. B\u00e0i vi\u1ebft n\u00e0y s\u1ebd gi\u1ea3i th\u00edch c\u00e1ch Web Shell ho\u1ea1t \u0111\u1ed9ng, c\u00e1ch tin t\u1eb7c t\u1ea5n c\u00f4ng, c\u00f9ng v\u1edbi nh\u1eefng ph\u01b0\u01a1ng ph\u00e1p ph\u00e1t hi\u1ec7n v\u00e0 ng\u0103n ch\u1eb7n \u0111\u1ec3 b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n tr\u01b0\u1edbc m\u1ed1i \u0111e d\u1ecda n\u00e0y.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-white ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">N\u1ed8I DUNG<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Web-Shell-la-gi\" >Web Shell l\u00e0 g\u00ec?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Cach-thuc-hoat-dong-cua-Web-Shell\" >C\u00e1ch th\u1ee9c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a Web Shell<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Muc-dich-su-dung-Web-Shell-la-gi\" >M\u1ee5c \u0111\u00edch s\u1eed d\u1ee5ng Web Shell l\u00e0 g\u00ec?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Cach-thuc-tai-va-su-dung-Web-Shell\" >C\u00e1ch th\u1ee9c t\u1ea3i v\u00e0 s\u1eed d\u1ee5ng Web Shell<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Truy-cap-tu-xa-lien-tuc-cua-Web-Shell-la-gi\" >Truy c\u1eadp t\u1eeb xa li\u00ean t\u1ee5c c\u1ee7a Web Shell l\u00e0 g\u00ec?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Cach-su-dung-Botnet-Web-Shell\" >C\u00e1ch s\u1eed d\u1ee5ng Botnet Web Shell<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Cach-phat-hien-Web-Shell\" >C\u00e1ch ph\u00e1t hi\u1ec7n Web Shell<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/interdata.vn\/blog\/web-shell-la-gi\/#Huong-dan-cach-phong-chong-Web-Shell\" >H\u01b0\u1edbng d\u1eabn c\u00e1ch ph\u00f2ng ch\u1ed1ng Web Shell<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Web-Shell-la-gi\"><\/span>Web Shell l\u00e0 g\u00ec?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>Web Shell<\/strong> l\u00e0 m\u1ed9t d\u1ea1ng ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf \u0111\u1ec3 t\u1ea5n c\u00f4ng c\u00e1c <a href=\"https:\/\/interdata.vn\/blog\/page-la-gi\/\">trang web<\/a> v\u00e0 cung c\u1ea5p cho k\u1ebb x\u1ea5u quy\u1ec1n truy c\u1eadp t\u1eeb xa v\u00e0o <a href=\"https:\/\/interdata.vn\/blog\/may-chu-server-la-gi\/\">m\u00e1y ch\u1ee7<\/a> l\u01b0u tr\u1eef trang web \u0111\u00f3. V\u1edbi Web Shell, k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 th\u1ef1c thi l\u1ec7nh v\u00e0 thao t\u00e1c tr\u00ean m\u00e1y ch\u1ee7 t\u1eeb xa th\u00f4ng qua tr\u00ecnh duy\u1ec7t web.<\/p>\n<p>Quy\u1ec1n truy c\u1eadp n\u00e0y cho ph\u00e9p th\u1ef1c hi\u1ec7n nhi\u1ec1u ho\u1ea1t \u0111\u1ed9ng nguy hi\u1ec3m nh\u01b0 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u, ph\u00e1 ho\u1ea1i h\u1ec7 th\u1ed1ng, ti\u1ebfn h\u00e0nh c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng kh\u00e1c ho\u1eb7c bi\u1ebfn m\u00e1y ch\u1ee7 th\u00e0nh m\u1ed9t ph\u1ea7n c\u1ee7a m\u1ea1ng <a href=\"https:\/\/interdata.vn\/blog\/botnet-la-gi\/\">botnet<\/a> \u0111\u1ec3 th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh \u0111\u1ed9ng t\u1ea5n c\u00f4ng c\u00f3 t\u1ed5 ch\u1ee9c.<\/p>\n<figure id=\"attachment_16557\" aria-describedby=\"caption-attachment-16557\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-la-gi.webp\" alt=\"Web Shell l\u00e0 g\u00ec?\" width=\"900\" height=\"600\" class=\"size-full wp-image-16557\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-la-gi.webp 900w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-la-gi-300x200.webp 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-la-gi-768x512.webp 768w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-la-gi-750x500.webp 750w\" sizes=\"auto, (max-width: 900px) 100vw, 900px\" \/><figcaption id=\"caption-attachment-16557\" class=\"wp-caption-text\">Web Shell l\u00e0 g\u00ec?<\/figcaption><\/figure>\n<p>Web Shell th\u01b0\u1eddng \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t tr\u00ean m\u00e1y ch\u1ee7 th\u00f4ng qua vi\u1ec7c khai th\u00e1c c\u00e1c <a href=\"https:\/\/interdata.vn\/blog\/lo-hong-bao-mat-la-gi\/\">l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt<\/a> trong ph\u1ea7n m\u1ec1m ho\u1eb7c d\u1ecbch v\u1ee5 \u0111ang ch\u1ea1y. Sau khi c\u00e0i \u0111\u1eb7t th\u00e0nh c\u00f4ng, k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 ki\u1ec3m so\u00e1t m\u00e1y ch\u1ee7 t\u1eeb xa th\u00f4ng qua giao di\u1ec7n web c\u1ee7a Web Shell.<\/p>\n<p>V\u00ec t\u00ednh ch\u1ea5t nguy hi\u1ec3m v\u00e0 b\u1ea5t h\u1ee3p ph\u00e1p c\u1ee7a Web Shell, vi\u1ec7c ph\u00e1t hi\u1ec7n v\u00e0 ng\u0103n ch\u1eb7n lo\u1ea1i t\u1ea5n c\u00f4ng n\u00e0y l\u00e0 v\u00f4 c\u00f9ng c\u1ea7n thi\u1ebft \u0111\u1ec3 b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng v\u00e0 d\u1eef li\u1ec7u c\u1ee7a b\u1ea1n.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Cach-thuc-hoat-dong-cua-Web-Shell\"><\/span>C\u00e1ch th\u1ee9c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a Web Shell<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Web Shell l\u00e0 m\u1ed9t ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i \u0111\u01b0\u1ee3c ph\u00e1t tri\u1ec3n v\u1edbi m\u1ee5c \u0111\u00edch x\u00e2m nh\u1eadp v\u00e0 chi\u1ebfm quy\u1ec1n ki\u1ec3m so\u00e1t c\u00e1c m\u00e1y ch\u1ee7 web t\u1eeb xa. Khi \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t th\u00e0nh c\u00f4ng, Web Shell cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng s\u1eed d\u1ee5ng tr\u00ecnh duy\u1ec7t \u0111\u1ec3 \u0111i\u1ec1u khi\u1ec3n m\u00e1y ch\u1ee7, th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh vi x\u1ea5u nh\u01b0 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u, ph\u00e1 ho\u1ea1i h\u1ec7 th\u1ed1ng ho\u1eb7c ti\u1ebfn h\u00e0nh c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng kh\u00e1c.<\/p>\n<p>K\u1ebb t\u1ea5n c\u00f4ng th\u01b0\u1eddng l\u1ee3i d\u1ee5ng c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt trong ph\u1ea7n m\u1ec1m ho\u1eb7c d\u1ecbch v\u1ee5 \u0111ang ch\u1ea1y tr\u00ean m\u00e1y ch\u1ee7 \u0111\u1ec3 c\u00e0i \u0111\u1eb7t Web Shell. H\u1ecd s\u1eed d\u1ee5ng nh\u1eefng k\u1ef9 thu\u1eadt khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng n\u00e0y \u0111\u1ec3 t\u1ea3i m\u00e3 \u0111\u1ed9c l\u00ean m\u00e1y ch\u1ee7, th\u01b0\u1eddng d\u01b0\u1edbi d\u1ea1ng c\u00e1c t\u1ec7p ph\u1ed5 bi\u1ebfn nh\u01b0 .php, .asp, .aspx, ho\u1eb7c .jsp. C\u00e1c t\u1ec7p n\u00e0y c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c t\u1ea3i l\u00ean th\u00f4ng qua c\u00e1c ph\u01b0\u01a1ng th\u1ee9c nh\u01b0 upload file, thu th\u1eadp d\u1eef li\u1ec7u t\u1eeb form, ho\u1eb7c khai th\u00e1c c\u00e1c \u0111i\u1ec3m y\u1ebfu trong <a href=\"https:\/\/interdata.vn\/blog\/web-application-la-gi\/\">\u1ee9ng d\u1ee5ng web<\/a>.<\/p>\n<figure id=\"attachment_16555\" aria-describedby=\"caption-attachment-16555\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-thuc-hoat-dong-web-shell.webp\" alt=\"C\u00e1ch th\u1ee9c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a Web Shell\" width=\"900\" height=\"394\" class=\"size-full wp-image-16555\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-thuc-hoat-dong-web-shell.webp 900w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-thuc-hoat-dong-web-shell-300x131.webp 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-thuc-hoat-dong-web-shell-768x336.webp 768w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-thuc-hoat-dong-web-shell-750x328.webp 750w\" sizes=\"auto, (max-width: 900px) 100vw, 900px\" \/><figcaption id=\"caption-attachment-16555\" class=\"wp-caption-text\">C\u00e1ch th\u1ee9c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a Web Shell<\/figcaption><\/figure>\n<p>Khi Web Shell \u0111\u00e3 \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t, k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 truy c\u1eadp v\u00e0 s\u1eed d\u1ee5ng giao di\u1ec7n qu\u1ea3n l\u00fd c\u1ee7a n\u00f3 th\u00f4ng qua m\u1ed9t tr\u00ecnh duy\u1ec7t web. Giao di\u1ec7n n\u00e0y th\u01b0\u1eddng \u0111\u01a1n gi\u1ea3n v\u00e0 d\u1ec5 s\u1eed d\u1ee5ng, cho ph\u00e9p th\u1ef1c thi l\u1ec7nh, qu\u1ea3n l\u00fd t\u1ec7p v\u00e0 ti\u1ebfn h\u00e0nh c\u00e1c h\u00e0nh vi t\u1ea5n c\u00f4ng kh\u00e1c t\u1eeb xa. K\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 ki\u1ec3m so\u00e1t ho\u00e0n to\u00e0n h\u1ec7 th\u1ed1ng, t\u1eeb vi\u1ec7c t\u1ea1o v\u00e0 x\u00f3a t\u1ec7p \u0111\u1ebfn th\u1ef1c hi\u1ec7n c\u00e1c l\u1ec7nh nguy hi\u1ec3m.<\/p>\n<p>V\u00ec t\u00ednh ch\u1ea5t nguy hi\u1ec3m v\u00e0 b\u1ea5t h\u1ee3p ph\u00e1p c\u1ee7a Web Shell, vi\u1ec7c ph\u00e1t hi\u1ec7n v\u00e0 ng\u0103n ch\u1eb7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng s\u1eed d\u1ee5ng Web Shell l\u00e0 v\u00f4 c\u00f9ng quan tr\u1ecdng \u0111\u1ec3 b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng v\u00e0 d\u1eef li\u1ec7u c\u1ee7a b\u1ea1n.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Muc-dich-su-dung-Web-Shell-la-gi\"><\/span>M\u1ee5c \u0111\u00edch s\u1eed d\u1ee5ng Web Shell l\u00e0 g\u00ec?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p data-sourcepos=\"3:1-3:100\"><strong>Web Shell<\/strong><span> l\u00e0 m\u1ed9t c\u00f4ng c\u1ee5 nguy hi\u1ec3m \u0111\u01b0\u1ee3c c\u00e1c hacker s\u1eed d\u1ee5ng \u0111\u1ec3 x\u00e2m nh\u1eadp v\u00e0 ki\u1ec3m so\u00e1t t\u1eeb xa c\u00e1c h\u1ec7 th\u1ed1ng m\u00e1y ch\u1ee7.<\/span><span> N\u00f3 gi\u1ed1ng nh\u01b0 m\u1ed9t c\u00e1nh c\u1eeda h\u1eadu,<\/span><span> cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng ti\u1ebfp c\u1eadn v\u00e0 thao t\u00e1c v\u1edbi h\u1ec7 th\u1ed1ng m\u1ed9t c\u00e1ch tr\u00e1i ph\u00e9p.<\/span><\/p>\n<p data-sourcepos=\"5:1-5:2\">M\u1ee5c \u0111\u00edch ch\u00ednh c\u1ee7a Web Shell:<\/p>\n<ul data-sourcepos=\"7:1-7:91\">\n<li data-sourcepos=\"7:1-7:91\"><strong>Ki\u1ec3m so\u00e1t h\u1ec7 th\u1ed1ng t\u1eeb xa:<\/strong><span> Sau khi c\u00e0i \u0111\u1eb7t Web Shell,<\/span><span> hacker c\u00f3 th\u1ec3 th\u1ef1c hi\u1ec7n c\u00e1c l\u1ec7nh,<\/span><span> truy c\u1eadp v\u00e0 s\u1eeda \u0111\u1ed5i d\u1eef li\u1ec7u tr\u00ean m\u00e1y ch\u1ee7 nh\u01b0 th\u1ec3 \u0111ang ng\u1ed3i tr\u1ef1c ti\u1ebfp tr\u01b0\u1edbc m\u00e1y.<\/span><\/li>\n<li data-sourcepos=\"8:1-8:43\"><strong>T\u1ea3i l\u00ean v\u00e0 th\u1ef1c thi m\u00e3 \u0111\u1ed9c:<\/strong><span> Web Shell cho ph\u00e9p hacker t\u1ea3i l\u00ean c\u00e1c lo\u1ea1i m\u00e3 \u0111\u1ed9c kh\u00e1c nhau l\u00ean m\u00e1y ch\u1ee7,<\/span><span> ch\u1eb3ng h\u1ea1n nh\u01b0 virus,<\/span><span> <a href=\"https:\/\/interdata.vn\/blog\/trojan-la-gi\/\">trojan<\/a>,<\/span><span> <a href=\"https:\/\/interdata.vn\/blog\/ransomware-la-gi\/\">ransomware<\/a>,<\/span><span> \u0111\u1ec3 g\u00e2y h\u1ea1i ho\u1eb7c chi\u1ebfm \u0111o\u1ea1t th\u00f4ng tin.<\/span><\/li>\n<li data-sourcepos=\"9:1-9:173\"><strong>T\u1ea5n c\u00f4ng c\u00e1c h\u1ec7 th\u1ed1ng kh\u00e1c:<\/strong><span> T\u1eeb m\u1ed9t m\u00e1y ch\u1ee7 b\u1ecb nhi\u1ec5m Web Shell,<\/span><span> hacker c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng n\u00f3 l\u00e0m b\u00e0n \u0111\u1ea1p \u0111\u1ec3 t\u1ea5n c\u00f4ng c\u00e1c h\u1ec7 th\u1ed1ng kh\u00e1c trong m\u1ea1ng n\u1ed9i b\u1ed9 ho\u1eb7c tr\u00ean <a href=\"https:\/\/interdata.vn\/blog\/mang-internet\/\">internet<\/a>.<\/span><\/li>\n<li data-sourcepos=\"10:1-10:156\"><strong>Tr\u1ed9m c\u1eafp d\u1eef li\u1ec7u:<\/strong><span> Hacker c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng Web Shell \u0111\u1ec3 \u0111\u00e1nh c\u1eafp c\u00e1c th\u00f4ng tin nh\u1ea1y c\u1ea3m nh\u01b0 m\u1eadt kh\u1ea9u,<\/span><span> s\u1ed1 th\u1ebb t\u00edn d\u1ee5ng,<\/span><span> th\u00f4ng tin kh\u00e1ch h\u00e0ng,<\/span><span> b\u1ea3n quy\u1ec1n&#8230;<\/span><\/li>\n<li data-sourcepos=\"11:1-11:10\"><strong>Ph\u00e1 ho\u1ea1i h\u1ec7 th\u1ed1ng:<\/strong><span> Web Shell c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c d\u00f9ng \u0111\u1ec3 x\u00f3a d\u1eef li\u1ec7u,<\/span><span> thay \u0111\u1ed5i c\u1ea5u h\u00ecnh h\u1ec7 th\u1ed1ng,<\/span><span> l\u00e0m t\u00ea li\u1ec7t c\u00e1c d\u1ecbch v\u1ee5 quan tr\u1ecdng,<\/span><span> g\u00e2y ra thi\u1ec7t h\u1ea1i l\u1edbn v\u1ec1 kinh t\u1ebf.<\/span><\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Cach-thuc-tai-va-su-dung-Web-Shell\"><\/span>C\u00e1ch th\u1ee9c t\u1ea3i v\u00e0 s\u1eed d\u1ee5ng Web Shell<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Tr\u01b0\u1edbc ti\u00ean, c\u1ea7n l\u01b0u \u00fd r\u1eb1ng vi\u1ec7c t\u1ea3i xu\u1ed1ng v\u00e0 s\u1eed d\u1ee5ng Web Shell m\u00e0 kh\u00f4ng c\u00f3 s\u1ef1 cho ph\u00e9p l\u00e0 h\u00e0nh vi b\u1ea5t h\u1ee3p ph\u00e1p v\u00e0 c\u00f3 th\u1ec3 b\u1ecb x\u1eed l\u00fd nghi\u00eam theo ph\u00e1p lu\u1eadt. B\u00e0i vi\u1ebft n\u00e0y ch\u1ec9 nh\u1eb1m m\u1ee5c \u0111\u00edch gi\u00e1o d\u1ee5c v\u00e0 n\u00e2ng cao nh\u1eadn th\u1ee9c v\u1ec1 c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt li\u00ean quan.<\/p>\n<figure id=\"attachment_16556\" aria-describedby=\"caption-attachment-16556\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-1.webp\" alt=\"C\u00e1ch th\u1ee9c t\u1ea3i v\u00e0 s\u1eed d\u1ee5ng Web Shell\" width=\"900\" height=\"471\" class=\"size-full wp-image-16556\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-1.webp 900w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-1-300x157.webp 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-1-768x402.webp 768w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/web-shell-1-750x393.webp 750w\" sizes=\"auto, (max-width: 900px) 100vw, 900px\" \/><figcaption id=\"caption-attachment-16556\" class=\"wp-caption-text\">C\u00e1ch th\u1ee9c t\u1ea3i v\u00e0 s\u1eed d\u1ee5ng Web Shell<\/figcaption><\/figure>\n<p>Web Shell th\u01b0\u1eddng \u0111\u01b0\u1ee3c t\u1ea3i xu\u1ed1ng v\u00e0 tri\u1ec3n khai th\u00f4ng qua c\u00e1c k\u1ef9 thu\u1eadt khai th\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 m\u1ed9t s\u1ed1 ph\u01b0\u01a1ng ph\u00e1p ph\u1ed5 bi\u1ebfn m\u00e0 tin t\u1eb7c th\u01b0\u1eddng s\u1eed d\u1ee5ng:<\/p>\n<ul>\n<li><strong>Khai th\u00e1c l\u1ed7 h\u1ed5ng tr\u00ean trang web<\/strong>: Tin t\u1eb7c c\u00f3 th\u1ec3 l\u1ee3i d\u1ee5ng c\u00e1c l\u1ed7i b\u1ea3o m\u1eadt trong ph\u1ea7n m\u1ec1m ho\u1eb7c <a href=\"https:\/\/interdata.vn\/blog\/lap-trinh-la-gi\/\">l\u1eadp tr\u00ecnh<\/a> tr\u00ean trang web \u0111\u1ec3 t\u1ea3i l\u00ean v\u00e0 tri\u1ec3n khai Web Shell.<\/li>\n<li><strong>S\u1eed d\u1ee5ng <a href=\"https:\/\/interdata.vn\/blog\/structured-query-language-sql-la-gi\/\">SQL<\/a> Injection<\/strong>: Tin t\u1eb7c khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng trong c\u01a1 s\u1edf d\u1eef li\u1ec7u \u0111\u1ec3 t\u1ea3i l\u00ean Web Shell th\u00f4ng qua c\u00e1c <a href=\"https:\/\/interdata.vn\/blog\/query-la-gi\/\">truy v\u1ea5n<\/a> SQL kh\u00f4ng \u0111\u01b0\u1ee3c ki\u1ec3m so\u00e1t.<\/li>\n<li><strong>T\u1ea5n c\u00f4ng t\u1eeb ch\u1ed1i d\u1ecbch v\u1ee5 (<a href=\"https:\/\/interdata.vn\/blog\/dos-attack-la-gi\/\">DoS<\/a>)<\/strong>: Tin t\u1eb7c c\u00f3 th\u1ec3 g\u00e2y ra t\u00ecnh tr\u1ea1ng qu\u00e1 t\u1ea3i cho m\u00e1y ch\u1ee7 b\u1eb1ng c\u00e1ch g\u1eedi m\u1ed9t l\u01b0\u1ee3ng l\u1edbn y\u00eau c\u1ea7u, khi\u1ebfn m\u00e1y ch\u1ee7 kh\u00f4ng th\u1ec3 ph\u1ea3n h\u1ed3i v\u00e0 t\u1eeb \u0111\u00f3 l\u1ee3i d\u1ee5ng t\u00ecnh tr\u1ea1ng n\u00e0y \u0111\u1ec3 t\u1ea3i l\u00ean Web Shell.<\/li>\n<\/ul>\n<p>Khi \u0111\u00e3 tri\u1ec3n khai Web Shell, tin t\u1eb7c c\u00f3 th\u1ec3 \u0111i\u1ec1u khi\u1ec3n h\u1ec7 th\u1ed1ng t\u1eeb xa, th\u1ef1c hi\u1ec7n c\u00e1c l\u1ec7nh v\u00e0 th\u1ef1c hi\u1ec7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng kh\u00e1c nh\u1eb1m \u0111\u1ea1t \u0111\u01b0\u1ee3c m\u1ee5c \u0111\u00edch c\u1ee7a m\u00ecnh.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Truy-cap-tu-xa-lien-tuc-cua-Web-Shell-la-gi\"><\/span>Truy c\u1eadp t\u1eeb xa li\u00ean t\u1ee5c c\u1ee7a Web Shell l\u00e0 g\u00ec?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Truy c\u1eadp t\u1eeb xa li\u00ean t\u1ee5c th\u00f4ng qua Web Shell, hay c\u00f2n g\u1ecdi l\u00e0 &#8220;persistent remote access,&#8221; l\u00e0 m\u1ed9t k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng cho ph\u00e9p k\u1ebb x\u00e2m nh\u1eadp duy tr\u00ec quy\u1ec1n truy c\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau sau khi \u0111\u00e3 khai th\u00e1c th\u00e0nh c\u00f4ng m\u1ed9t l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt v\u00e0 tri\u1ec3n khai Web Shell. K\u1ef9 thu\u1eadt n\u00e0y gi\u00fap tin t\u1eb7c ti\u1ebfp t\u1ee5c ki\u1ec3m so\u00e1t h\u1ec7 th\u1ed1ng m\u00e0 kh\u00f4ng c\u1ea7n ph\u1ea3i khai th\u00e1c l\u1ea1i l\u1ed7 h\u1ed5ng ban \u0111\u1ea7u.<\/p>\n<p>K\u1ef9 thu\u1eadt n\u00e0y ho\u1ea1t \u0111\u1ed9ng b\u1eb1ng c\u00e1ch c\u00e0i \u0111\u1eb7t c\u00e1c ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i ho\u1eb7c <a href=\"https:\/\/interdata.vn\/blog\/tan-cong-backdoor-la-gi\/\">backdoor<\/a> tr\u00ean h\u1ec7 th\u1ed1ng b\u1ecb t\u1ea5n c\u00f4ng, cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng truy c\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng m\u1ed9t c\u00e1ch b\u1ea5t h\u1ee3p ph\u00e1p b\u1ea5t c\u1ee9 khi n\u00e0o h\u1ecd mu\u1ed1n. \u0110i\u1ec1u n\u00e0y c\u00f3 th\u1ec3 x\u1ea3y ra ngay c\u1ea3 khi l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt ban \u0111\u1ea7u \u0111\u00e3 \u0111\u01b0\u1ee3c v\u00e1.<\/p>\n<p>C\u00e1c ph\u01b0\u01a1ng ph\u00e1p ph\u1ed5 bi\u1ebfn \u0111\u1ec3 duy tr\u00ec truy c\u1eadp t\u1eeb xa li\u00ean t\u1ee5c qua Web Shell bao g\u1ed3m:<\/p>\n<ul>\n<li><strong>C\u00e0i \u0111\u1eb7t Backdoor<\/strong>: K\u1ebb t\u1ea5n c\u00f4ng c\u00e0i \u0111\u1eb7t ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i ho\u1eb7c backdoor \u0111\u1ec3 duy tr\u00ec quy\u1ec1n truy c\u1eadp t\u1eeb xa m\u00e0 kh\u00f4ng c\u1ea7n khai th\u00e1c l\u1ea1i l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt g\u1ed1c.<\/li>\n<li><strong>Ph\u1ea7n M\u1ec1m Gi\u1ea3 M\u1ea1o \u0110\u0103ng Nh\u1eadp<\/strong>: S\u1eed d\u1ee5ng c\u00e1c c\u00f4ng c\u1ee5 \u0111\u1ec3 l\u01b0u tr\u1eef v\u00e0 qu\u1ea3n l\u00fd th\u00f4ng tin \u0111\u0103ng nh\u1eadp, cho ph\u00e9p truy c\u1eadp t\u1eeb xa m\u00e0 kh\u00f4ng b\u1ecb ph\u00e1t hi\u1ec7n.<\/li>\n<li><strong>K\u1ef9 Thu\u1eadt \u1ea8n Danh<\/strong>: \u00c1p d\u1ee5ng c\u00e1c ph\u01b0\u01a1ng ph\u00e1p nh\u01b0 gi\u1ea3 m\u1ea1o <a href=\"https:\/\/interdata.vn\/blog\/dia-chi-ip-la-gi\/\">\u0111\u1ecba ch\u1ec9 IP<\/a> ho\u1eb7c s\u1eed d\u1ee5ng c\u00e1c k\u1ef9 thu\u1eadt che gi\u1ea5u kh\u00e1c \u0111\u1ec3 tr\u00e1nh b\u1ecb ph\u00e1t hi\u1ec7n b\u1edfi c\u00e1c h\u1ec7 th\u1ed1ng b\u1ea3o m\u1eadt.<\/li>\n<\/ul>\n<p>Truy c\u1eadp t\u1eeb xa li\u00ean t\u1ee5c qua Web Shell l\u00e0 m\u1ed9t m\u1ed1i \u0111e d\u1ecda nghi\u00eam tr\u1ecdng \u0111\u1ed1i v\u1edbi b\u1ea3o m\u1eadt h\u1ec7 th\u1ed1ng v\u00e0 d\u1eef li\u1ec7u. \u0110\u1ec3 gi\u1ea3m thi\u1ec3u r\u1ee7i ro, b\u1ea1n n\u00ean th\u01b0\u1eddng xuy\u00ean ki\u1ec3m tra v\u00e0 c\u1eadp nh\u1eadt h\u1ec7 th\u1ed1ng c\u1ee7a m\u00ecnh, \u0111\u1eb7c bi\u1ec7t l\u00e0 c\u00e1c ph\u1ea7n m\u1ec1m b\u1ea3o m\u1eadt, v\u00e0 gi\u00e1m s\u00e1t ch\u1eb7t ch\u1ebd c\u00e1c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a c\u00e1c t\u00e0i kho\u1ea3n truy c\u1eadp t\u1eeb xa.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Cach-su-dung-Botnet-Web-Shell\"><\/span>C\u00e1ch s\u1eed d\u1ee5ng Botnet Web Shell<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>L\u01b0u \u00fd quan tr\u1ecdng:<\/strong> Vi\u1ec7c s\u1eed d\u1ee5ng Botnet Web Shell \u0111\u1ec3 th\u1ef1c hi\u1ec7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng l\u00e0 h\u00e0nh vi ph\u1ea1m ph\u00e1p v\u00e0 c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn h\u1eadu qu\u1ea3 nghi\u00eam tr\u1ecdng v\u1ec1 m\u1eb7t ph\u00e1p l\u00fd. Ch\u00fang t\u00f4i khuy\u1ebfn kh\u00edch vi\u1ec7c tu\u00e2n th\u1ee7 lu\u1eadt ph\u00e1p v\u00e0 kh\u00f4ng tham gia v\u00e0o c\u00e1c ho\u1ea1t \u0111\u1ed9ng \u0111\u1ed9c h\u1ea1i nh\u01b0 v\u1eady.<\/p>\n<figure id=\"attachment_16553\" aria-describedby=\"caption-attachment-16553\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/botnet-web-shell.webp\" alt=\"C\u00e1ch s\u1eed d\u1ee5ng Botnet Web Shell\" width=\"900\" height=\"526\" class=\"size-full wp-image-16553\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/botnet-web-shell.webp 900w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/botnet-web-shell-300x175.webp 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/botnet-web-shell-768x449.webp 768w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/botnet-web-shell-750x438.webp 750w\" sizes=\"auto, (max-width: 900px) 100vw, 900px\" \/><figcaption id=\"caption-attachment-16553\" class=\"wp-caption-text\">C\u00e1ch s\u1eed d\u1ee5ng Botnet Web Shell<\/figcaption><\/figure>\n<p><strong>Botnet Web Shell<\/strong> l\u00e0 m\u1ed9t lo\u1ea1i ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf \u0111\u1ec3 x\u00e2y d\u1ef1ng v\u00e0 qu\u1ea3n l\u00fd m\u1ed9t m\u1ea1ng l\u01b0\u1edbi botnet, trong \u0111\u00f3 c\u00e1c m\u00e1y t\u00ednh b\u1ecb x\u00e2m nh\u1eadp c\u00f3 th\u1ec3 b\u1ecb \u0111i\u1ec1u khi\u1ec3n t\u1eeb xa b\u1edfi k\u1ebb t\u1ea5n c\u00f4ng. B\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng Botnet Web Shell, tin t\u1eb7c c\u00f3 th\u1ec3 g\u1eedi l\u1ec7nh t\u1eeb xa \u0111\u1ebfn c\u00e1c m\u00e1y t\u00ednh trong botnet th\u00f4ng qua Web Shell \u0111\u1ec3 th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh \u0111\u1ed9ng b\u1ea5t h\u1ee3p ph\u00e1p.<\/p>\n<p>D\u01b0\u1edbi \u0111\u00e2y l\u00e0 m\u1ed9t c\u00e1i nh\u00ecn t\u1ed5ng quan v\u1ec1 c\u00e1ch m\u00e0 Botnet Web Shell c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c tri\u1ec3n khai v\u00e0 s\u1eed d\u1ee5ng, v\u1edbi m\u1ee5c \u0111\u00edch minh h\u1ecda v\u00e0 c\u1ea3nh b\u00e1o v\u1ec1 c\u00e1c nguy c\u01a1 ti\u1ec1m \u1ea9n:<\/p>\n<ul>\n<li><strong>Tri\u1ec3n khai Botnet Web Shell<\/strong>: \u0110\u1ea7u ti\u00ean, ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i c\u1ea7n ph\u1ea3i \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t tr\u00ean h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau. C\u00e1c ph\u1ea7n m\u1ec1m n\u00e0y th\u01b0\u1eddng c\u00f3 s\u1eb5n tr\u00ean c\u00e1c trang web \u0111en ho\u1eb7c th\u1ecb tr\u01b0\u1eddng ng\u1ea7m.<\/li>\n<li><strong>X\u00e2y d\u1ef1ng botnet<\/strong>: Sau khi c\u00e0i \u0111\u1eb7t, Botnet Web Shell c\u1ea7n \u0111\u01b0\u1ee3c c\u1ea5u h\u00ecnh \u0111\u1ec3 t\u1ea1o v\u00e0 qu\u1ea3n l\u00fd botnet. Qu\u00e1 tr\u00ecnh n\u00e0y th\u01b0\u1eddng y\u00eau c\u1ea7u vi\u1ec7c thi\u1ebft l\u1eadp t\u00ean \u0111\u0103ng nh\u1eadp v\u00e0 m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111i\u1ec1u khi\u1ec3n c\u00e1c m\u00e1y t\u00ednh b\u1ecb x\u00e2m nh\u1eadp.<\/li>\n<li><strong>X\u00e2m nh\u1eadp c\u00e1c m\u00e1y t\u00ednh m\u1ee5c ti\u00eau<\/strong>: Tin t\u1eb7c c\u1ea7n t\u00ecm v\u00e0 t\u1ea5n c\u00f4ng c\u00e1c m\u00e1y t\u00ednh d\u1ec5 b\u1ecb t\u1ed5n th\u01b0\u01a1ng \u0111\u1ec3 c\u00e0i \u0111\u1eb7t Botnet Web Shell. C\u00e1c ph\u01b0\u01a1ng ph\u00e1p khai th\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt ho\u1eb7c k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng kh\u00e1c th\u01b0\u1eddng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 l\u00e2y nhi\u1ec5m ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i v\u00e0o c\u00e1c h\u1ec7 th\u1ed1ng n\u00e0y.<\/li>\n<li><strong>Qu\u1ea3n l\u00fd v\u00e0 \u0111i\u1ec1u khi\u1ec3n botnet<\/strong>: Khi botnet \u0111\u00e3 \u0111\u01b0\u1ee3c h\u00ecnh th\u00e0nh, Botnet Web Shell cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng g\u1eedi l\u1ec7nh \u0111i\u1ec1u khi\u1ec3n t\u1eeb xa. C\u00e1c h\u00e0nh \u0111\u1ed9ng c\u00f3 th\u1ec3 bao g\u1ed3m vi\u1ec7c t\u1ea3i v\u00e0 c\u00e0i \u0111\u1eb7t ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i b\u1ed5 sung ho\u1eb7c th\u1ef1c hi\u1ec7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng t\u1eeb ch\u1ed1i d\u1ecbch v\u1ee5 (<a href=\"https:\/\/interdata.vn\/blog\/ddos-la-gi\/\">DDoS<\/a>).<\/li>\n<li><strong>Che gi\u1ea5u ho\u1ea1t \u0111\u1ed9ng<\/strong>: \u0110\u1ec3 tr\u00e1nh b\u1ecb ph\u00e1t hi\u1ec7n, tin t\u1eb7c c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng c\u00e1c k\u1ef9 thu\u1eadt nh\u01b0 che gi\u1ea5u \u0111\u1ecba ch\u1ec9 IP v\u00e0 <a href=\"https:\/\/interdata.vn\/blog\/ma-hoa-du-lieu-data-encryption\/\">m\u00e3 h\u00f3a d\u1eef li\u1ec7u<\/a>. C\u1eadp nh\u1eadt th\u01b0\u1eddng xuy\u00ean ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i c\u0169ng gi\u00fap gi\u1ea3m thi\u1ec3u nguy c\u01a1 b\u1ecb ph\u00e1t hi\u1ec7n.<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Cach-phat-hien-Web-Shell\"><\/span>C\u00e1ch ph\u00e1t hi\u1ec7n Web Shell<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Ph\u00e1t hi\u1ec7n Web Shell l\u00e0 m\u1ed9t th\u00e1ch th\u1ee9c \u0111\u1ed1i v\u1edbi nhi\u1ec1u t\u1ed5 ch\u1ee9c do t\u00ednh ch\u1ea5t \u1ea9n n\u00e1u v\u00e0 \u0111a d\u1ea1ng c\u1ee7a ch\u00fang. Tuy nhi\u00ean, c\u00f3 nhi\u1ec1u ph\u01b0\u01a1ng ph\u00e1p v\u00e0 c\u00f4ng c\u1ee5 c\u00f3 th\u1ec3 gi\u00fap nh\u1eadn di\u1ec7n s\u1ef1 hi\u1ec7n di\u1ec7n c\u1ee7a Web Shell tr\u00ean h\u1ec7 th\u1ed1ng. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 m\u1ed9t s\u1ed1 c\u00e1ch ph\u1ed5 bi\u1ebfn v\u00e0 hi\u1ec7u qu\u1ea3:<\/p>\n<h4>1. Ph\u00e2n t\u00edch l\u01b0u l\u01b0\u1ee3ng m\u1ea1ng<\/h4>\n<p>L\u01b0u l\u01b0\u1ee3ng m\u1ea1ng b\u1ea5t th\u01b0\u1eddng c\u00f3 th\u1ec3 l\u00e0 d\u1ea5u hi\u1ec7u c\u1ee7a Web Shell ho\u1ea1t \u0111\u1ed9ng. Vi\u1ec7c gi\u00e1m s\u00e1t l\u01b0u l\u01b0\u1ee3ng m\u1ea1ng \u0111\u1ec3 ph\u00e1t hi\u1ec7n c\u00e1c m\u1eabu truy c\u1eadp b\u1ea5t th\u01b0\u1eddng t\u1edbi c\u00e1c t\u1eadp tin c\u1ee5 th\u1ec3 tr\u00ean m\u00e1y ch\u1ee7 c\u00f3 th\u1ec3 c\u1ea3nh b\u00e1o s\u1edbm v\u1ec1 m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng. C\u00e1c c\u00f4ng c\u1ee5 nh\u01b0 <a href=\"https:\/\/en.wikipedia.org\/wiki\/Wireshark\" rel=\"nofollow noopener\" target=\"_blank\">Wireshark<\/a> ho\u1eb7c c\u00e1c h\u1ec7 th\u1ed1ng ph\u00e1t hi\u1ec7n x\u00e2m nh\u1eadp m\u1ea1ng (IDS) c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 ph\u00e2n t\u00edch l\u01b0u l\u01b0\u1ee3ng m\u1ea1ng v\u00e0 ph\u00e1t hi\u1ec7n c\u00e1c ho\u1ea1t \u0111\u1ed9ng \u0111\u00e1ng ng\u1edd.<\/p>\n<h4>2. Ki\u1ec3m tra nh\u1eadt k\u00fd h\u1ec7 th\u1ed1ng<\/h4>\n<p>Nh\u1eadt k\u00fd h\u1ec7 th\u1ed1ng l\u01b0u l\u1ea1i t\u1ea5t c\u1ea3 c\u00e1c ho\u1ea1t \u0111\u1ed9ng tr\u00ean m\u00e1y ch\u1ee7 v\u00e0 c\u00f3 th\u1ec3 cung c\u1ea5p th\u00f4ng tin qu\u00fd gi\u00e1 v\u1ec1 c\u00e1c l\u1ec7nh \u0111\u01b0\u1ee3c th\u1ef1c thi ho\u1eb7c c\u00e1c t\u1eadp tin \u0111\u01b0\u1ee3c truy c\u1eadp. Vi\u1ec7c xem x\u00e9t k\u1ef9 l\u01b0\u1ee1ng nh\u1eadt k\u00fd c\u00f3 th\u1ec3 gi\u00fap ph\u00e1t hi\u1ec7n c\u00e1c ho\u1ea1t \u0111\u1ed9ng kh\u00f4ng b\u00ecnh th\u01b0\u1eddng, nh\u01b0 vi\u1ec7c truy c\u1eadp v\u00e0o t\u1eadp tin shell script kh\u00f4ng \u0111\u01b0\u1ee3c ph\u00e9p ho\u1eb7c c\u00e1c thay \u0111\u1ed5i b\u1ea5t th\u01b0\u1eddng trong h\u1ec7 th\u1ed1ng.<\/p>\n<h4>3. S\u1eed d\u1ee5ng ph\u1ea7n m\u1ec1m ch\u1ed1ng Malware v\u00e0 Antivirus<\/h4>\n<p>C\u00e1c gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt n\u00e0y th\u01b0\u1eddng c\u00f3 kh\u1ea3 n\u0103ng qu\u00e9t v\u00e0 ph\u00e1t hi\u1ec7n c\u00e1c lo\u1ea1i m\u00e3 \u0111\u1ed9c, bao g\u1ed3m c\u1ea3 Web Shell. C\u1eadp nh\u1eadt th\u01b0\u1eddng xuy\u00ean cho ph\u1ea7n m\u1ec1m ch\u1ed1ng virus v\u00e0 ch\u1ed1ng <a href=\"https:\/\/interdata.vn\/blog\/malware-la-gi\/\">malware<\/a> l\u00e0 r\u1ea5t quan tr\u1ecdng, v\u00ec c\u00e1c m\u1ed1i \u0111e d\u1ecda m\u1edbi li\u00ean t\u1ee5c \u0111\u01b0\u1ee3c ph\u00e1t tri\u1ec3n b\u1edfi c\u00e1c hacker.<\/p>\n<h4>4. Qu\u00e9t t\u0129nh v\u00e0 \u0111\u1ed9ng c\u1ee7a t\u1eadp tin<\/h4>\n<p>Vi\u1ec7c qu\u00e9t t\u1eadp tin t\u0129nh cho ph\u00e9p ki\u1ec3m tra c\u00e1c t\u1eadp tin tr\u00ean m\u00e1y ch\u1ee7 \u0111\u1ec3 t\u00ecm ki\u1ebfm c\u00e1c \u0111o\u1ea1n m\u00e3 \u0111\u1ed9c h\u1ea1i ho\u1eb7c kh\u00f4ng mong mu\u1ed1n m\u00e0 kh\u00f4ng th\u1ef1c thi ch\u00fang. Qu\u00e9t \u0111\u1ed9ng, m\u1eb7t kh\u00e1c, bao g\u1ed3m vi\u1ec7c th\u1ef1c thi c\u00e1c t\u1eadp tin trong m\u1ed9t m\u00f4i tr\u01b0\u1eddng an to\u00e0n \u0111\u1ec3 quan s\u00e1t h\u00e0nh vi c\u1ee7a ch\u00fang. C\u1ea3 hai ph\u01b0\u01a1ng ph\u00e1p n\u00e0y c\u00f3 th\u1ec3 gi\u00fap ph\u00e1t hi\u1ec7n Web Shell.<\/p>\n<h4>5. Ph\u00e2n t\u00edch n\u1ed9i dung t\u1eadp tin<\/h4>\n<p>Vi\u1ec7c ki\u1ec3m tra c\u00e1c t\u1eadp tin \u0111\u1ec3 t\u00ecm c\u00e1c \u0111o\u1ea1n m\u00e3 b\u1ea5t th\u01b0\u1eddng ho\u1eb7c <a href=\"https:\/\/interdata.vn\/blog\/source-code-la-gi\/\">m\u00e3 ngu\u1ed3n<\/a> l\u1ea1 l\u00e0 m\u1ed9t c\u00e1ch th\u1ee9c h\u1eefu \u00edch kh\u00e1c. \u0110i\u1ec1u n\u00e0y bao g\u1ed3m vi\u1ec7c t\u00ecm ki\u1ebfm c\u00e1c ch\u1ee9c n\u0103ng ho\u1eb7c c\u00e1c l\u1ec7nh c\u00f3 kh\u1ea3 n\u0103ng cao \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong Web Shell nh\u01b0 <code>exec<\/code>, <code>passthru<\/code>, <code>shell_exec<\/code>, <code>system<\/code>, ho\u1eb7c <code>eval<\/code>.<\/p>\n<h4>6. Ki\u1ec3m tra t\u00ednh to\u00e0n v\u1eb9n c\u1ee7a t\u1eadp tin<\/h4>\n<p>Ph\u1ea7n m\u1ec1m qu\u1ea3n l\u00fd t\u00ednh to\u00e0n v\u1eb9n t\u1eadp tin c\u00f3 th\u1ec3 gi\u00fap ph\u00e1t hi\u1ec7n c\u00e1c thay \u0111\u1ed5i kh\u00f4ng \u0111\u01b0\u1ee3c ph\u00e9p t\u1edbi c\u00e1c t\u1eadp tin h\u1ec7 th\u1ed1ng. B\u1ea5t k\u1ef3 thay \u0111\u1ed5i n\u00e0o kh\u00f4ng \u0111\u01b0\u1ee3c ki\u1ec3m so\u00e1t c\u00f3 th\u1ec3 l\u00e0 m\u1ed9t d\u1ea5u hi\u1ec7u c\u1ee7a s\u1ef1 hi\u1ec7n di\u1ec7n c\u1ee7a Web Shell.<\/p>\n<h4>7. S\u1eed d\u1ee5ng c\u00e1c c\u00f4ng c\u1ee5 chuy\u00ean bi\u1ec7t<\/h4>\n<p>C\u00f3 nhi\u1ec1u c\u00f4ng c\u1ee5 \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf ri\u00eang \u0111\u1ec3 ph\u00e1t hi\u1ec7n Web Shell, ch\u1eb3ng h\u1ea1n nh\u01b0 c\u00e1c <a href=\"https:\/\/interdata.vn\/blog\/plugin-la-gi\/\">plugin<\/a> cho c\u00e1c h\u1ec7 th\u1ed1ng qu\u1ea3n l\u00fd n\u1ed9i dung (<a href=\"https:\/\/interdata.vn\/blog\/cms-la-gi\/\">CMS<\/a>) nh\u01b0 <a href=\"https:\/\/interdata.vn\/blog\/wordpress-la-gi\/\">WordPress<\/a> ho\u1eb7c <a href=\"https:\/\/vi.wikipedia.org\/wiki\/Joomla!\" rel=\"nofollow noopener\" target=\"_blank\">Joomla<\/a>, ho\u1eb7c c\u00e1c c\u00f4ng c\u1ee5 an ninh m\u1ea1ng chuy\u00ean d\u1ee5ng kh\u00e1c.<\/p>\n<p>Vi\u1ec7c ph\u00e1t hi\u1ec7n Web Shell \u0111\u00f2i h\u1ecfi s\u1ef1 ch\u00fa \u00fd v\u00e0 ki\u00ean nh\u1eabn, c\u0169ng nh\u01b0 m\u1ed9t h\u1ec7 th\u1ed1ng b\u1ea3o m\u1eadt m\u1ea1nh m\u1ebd v\u00e0 c\u00e1c ch\u00ednh s\u00e1ch c\u1eadp nh\u1eadt li\u00ean t\u1ee5c. B\u1eb1ng c\u00e1ch \u00e1p d\u1ee5ng m\u1ed9t chi\u1ebfn l\u01b0\u1ee3c to\u00e0n di\u1ec7n bao g\u1ed3m gi\u00e1o d\u1ee5c, c\u00f4ng ngh\u1ec7, v\u00e0 quy tr\u00ecnh, c\u00e1c t\u1ed5 ch\u1ee9c c\u00f3 th\u1ec3 t\u0103ng c\u01b0\u1eddng kh\u1ea3 n\u0103ng ph\u00f2ng th\u1ee7 c\u1ee7a m\u00ecnh ch\u1ed1ng l\u1ea1i nh\u1eefng m\u1ed1i \u0111e d\u1ecda ng\u00e0y c\u00e0ng tinh vi n\u00e0y.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Huong-dan-cach-phong-chong-Web-Shell\"><\/span>H\u01b0\u1edbng d\u1eabn c\u00e1ch ph\u00f2ng ch\u1ed1ng Web Shell<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Nh\u01b0 \u0111\u00e3 \u0111\u1ec1 c\u1eadp, vi\u1ec7c s\u1eed d\u1ee5ng Botnet Web Shell cho c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng l\u00e0 h\u00e0nh vi ho\u00e0n to\u00e0n b\u1ea5t h\u1ee3p ph\u00e1p v\u00e0 c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn c\u00e1c h\u1eadu qu\u1ea3 nghi\u00eam tr\u1ecdng nh\u01b0 m\u1ea5t m\u00e1t d\u1eef li\u1ec7u quan tr\u1ecdng, t\u1ed5n th\u1ea5t t\u00e0i ch\u00ednh, v\u00e0 th\u1eadm ch\u00ed l\u00e0 c\u00e1c t\u1ed9i danh h\u00ecnh s\u1ef1. \u0110\u1ec3 b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n kh\u1ecfi m\u1ed1i \u0111e d\u1ecda n\u00e0y, h\u00e3y th\u1ef1c hi\u1ec7n nh\u1eefng bi\u1ec7n ph\u00e1p ph\u00f2ng ng\u1eeba sau:<\/p>\n<p><strong>C\u1eadp nh\u1eadt h\u1ec7 th\u1ed1ng v\u00e0 ph\u1ea7n m\u1ec1m \u0111\u1ecbnh k\u1ef3<\/strong>: \u0110\u1ea3m b\u1ea3o r\u1eb1ng <a href=\"https:\/\/interdata.vn\/blog\/he-dieu-hanh\/\">h\u1ec7 \u0111i\u1ec1u h\u00e0nh<\/a> v\u00e0 c\u00e1c \u1ee9ng d\u1ee5ng ph\u1ea7n m\u1ec1m c\u1ee7a b\u1ea1n lu\u00f4n \u0111\u01b0\u1ee3c c\u1eadp nh\u1eadt phi\u00ean b\u1ea3n m\u1edbi nh\u1ea5t. C\u00e1c b\u1ea3n c\u1eadp nh\u1eadt th\u01b0\u1eddng xuy\u00ean gi\u00fap v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt v\u00e0 t\u0103ng c\u01b0\u1eddng b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng.<\/p>\n<p><strong>S\u1eed d\u1ee5ng ph\u1ea7n m\u1ec1m b\u1ea3o m\u1eadt chuy\u00ean nghi\u1ec7p<\/strong>: \u0110\u1ea7u t\u01b0 v\u00e0o ph\u1ea7n m\u1ec1m b\u1ea3o m\u1eadt uy t\u00edn c\u00f3 kh\u1ea3 n\u0103ng gi\u00e1m s\u00e1t v\u00e0 ph\u00e1t hi\u1ec7n c\u00e1c ho\u1ea1t \u0111\u1ed9ng b\u1ea5t th\u01b0\u1eddng. Ph\u1ea7n m\u1ec1m b\u1ea3o m\u1eadt chuy\u00ean nghi\u1ec7p gi\u00fap gi\u1ea3m thi\u1ec3u nguy c\u01a1 b\u1ecb x\u00e2m nh\u1eadp b\u1edfi Botnet Web Shell v\u00e0 c\u00e1c m\u1ed1i \u0111e d\u1ecda kh\u00e1c.<\/p>\n<figure id=\"attachment_16554\" aria-describedby=\"caption-attachment-16554\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-phong-chong-web-shell.webp\" alt=\"H\u01b0\u1edbng d\u1eabn c\u00e1ch ph\u00f2ng ch\u1ed1ng Web Shell\" width=\"900\" height=\"505\" class=\"size-full wp-image-16554\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-phong-chong-web-shell.webp 900w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-phong-chong-web-shell-300x168.webp 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-phong-chong-web-shell-768x431.webp 768w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/08\/cach-phong-chong-web-shell-750x421.webp 750w\" sizes=\"auto, (max-width: 900px) 100vw, 900px\" \/><figcaption id=\"caption-attachment-16554\" class=\"wp-caption-text\">H\u01b0\u1edbng d\u1eabn c\u00e1ch ph\u00f2ng ch\u1ed1ng Web Shell<\/figcaption><\/figure>\n<p><strong>Gi\u00e1m s\u00e1t v\u00e0 gi\u1edbi h\u1ea1n truy c\u1eadp t\u1eeb xa<\/strong>: H\u1ea1n ch\u1ebf quy\u1ec1n truy c\u1eadp t\u1eeb xa v\u00e0o h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng c\u00e1c gi\u1ea3i ph\u00e1p nh\u01b0 VPN v\u00e0 ch\u1ec9 cho ph\u00e9p c\u00e1c \u0111\u1ecba ch\u1ec9 IP \u0111\u00e1ng tin c\u1eady. \u0110i\u1ec1u n\u00e0y gi\u00fap gi\u1ea3m thi\u1ec3u nguy c\u01a1 b\u1ecb t\u1ea5n c\u00f4ng t\u1eeb xa.<\/p>\n<p><strong>\u0110\u00e0o t\u1ea1o nh\u00e2n vi\u00ean<\/strong>: Nh\u00e2n vi\u00ean c\u00f3 th\u1ec3 l\u00e0 \u0111i\u1ec3m y\u1ebfu trong h\u1ec7 th\u1ed1ng b\u1ea3o m\u1eadt. \u0110\u00e0o t\u1ea1o h\u1ecd v\u1ec1 nh\u1eadn di\u1ec7n v\u00e0 b\u00e1o c\u00e1o c\u00e1c h\u00e0nh vi b\u1ea5t th\u01b0\u1eddng ho\u1eb7c nghi ng\u1edd tr\u00ean h\u1ec7 th\u1ed1ng \u0111\u1ec3 t\u0103ng c\u01b0\u1eddng kh\u1ea3 n\u0103ng b\u1ea3o v\u1ec7.<\/p>\n<p><strong>S\u1eed d\u1ee5ng Firewall<\/strong>: C\u00e0i \u0111\u1eb7t v\u00e0 c\u1ea5u h\u00ecnh Firewall \u0111\u1ec3 b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng kh\u1ecfi c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng t\u1eeb b\u00ean ngo\u00e0i. Firewall gi\u00fap ki\u1ec3m so\u00e1t l\u01b0u l\u01b0\u1ee3ng truy c\u1eadp v\u00e0 ng\u0103n ch\u1eb7n c\u00e1c k\u1ebft n\u1ed1i kh\u00f4ng mong mu\u1ed1n.<\/p>\n<p>Trong b\u00e0i vi\u1ebft n\u00e0y, ch\u00fang ta \u0111\u00e3 kh\u00e1m ph\u00e1 Web Shell, m\u1ed9t c\u00f4ng c\u1ee5 m\u1ea1nh m\u1ebd cho ph\u00e9p ki\u1ec3m so\u00e1t h\u1ec7 th\u1ed1ng web t\u1eeb xa. Tuy nhi\u00ean, Web Shell c\u0169ng c\u00f3 th\u1ec3 b\u1ecb k\u1ebb t\u1ea5n c\u00f4ng l\u1ee3i d\u1ee5ng \u0111\u1ec3 x\u00e2m nh\u1eadp v\u00e0 chi\u1ebfm quy\u1ec1n \u0111i\u1ec1u khi\u1ec3n h\u1ec7 th\u1ed1ng c\u1ee7a ng\u01b0\u1eddi kh\u00e1c.<\/p>\n<p>\u0110\u1ec3 b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n kh\u1ecfi c\u00e1c m\u1ed1i \u0111e d\u1ecda li\u00ean quan \u0111\u1ebfn Web Shell v\u00e0 c\u00e1c c\u00f4ng c\u1ee5 t\u01b0\u01a1ng t\u1ef1, c\u1ea7n \u00e1p d\u1ee5ng c\u00e1c bi\u1ec7n ph\u00e1p b\u1ea3o m\u1eadt nh\u01b0 c\u1eadp nh\u1eadt h\u1ec7 th\u1ed1ng v\u00e0 ph\u1ea7n m\u1ec1m th\u01b0\u1eddng xuy\u00ean, s\u1eed d\u1ee5ng ph\u1ea7n m\u1ec1m b\u1ea3o m\u1eadt chuy\u00ean d\u1ee5ng, gi\u00e1m s\u00e1t v\u00e0 ki\u1ec3m so\u00e1t truy c\u1eadp t\u1eeb xa, \u0111\u00e0o t\u1ea1o nh\u00e2n vi\u00ean v\u1ec1 an ninh m\u1ea1ng, v\u00e0 tri\u1ec3n khai <a href=\"https:\/\/interdata.vn\/blog\/tuong-lua-firewall\/\">t\u01b0\u1eddng l\u1eeda<\/a> (Firewall).<\/p>\n<p>Cu\u1ed1i c\u00f9ng, c\u1ea7n l\u01b0u \u00fd r\u1eb1ng vi\u1ec7c s\u1eed d\u1ee5ng Web Shell cho m\u1ee5c \u0111\u00edch t\u1ea5n c\u00f4ng l\u00e0 h\u00e0nh vi b\u1ea5t h\u1ee3p ph\u00e1p v\u00e0 c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn h\u1eadu qu\u1ea3 nghi\u00eam tr\u1ecdng. Ch\u00fang ta n\u00ean t\u1eadp trung v\u00e0o vi\u1ec7c b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng c\u1ee7a m\u00ecnh kh\u1ecfi c\u00e1c m\u1ed1i \u0111e d\u1ecda b\u1ea3o m\u1eadt v\u00e0 gi\u1ea3m thi\u1ec3u r\u1ee7i ro c\u00f3 th\u1ec3 x\u1ea3y ra.<\/p>\n<p><span>InterData cung c\u1ea5p nhi\u1ec1u d\u1ecbch v\u1ee5 l\u01b0u tr\u1eef v\u00e0 m\u00e1y ch\u1ee7, \u0111\u00e1p \u1ee9ng nhu c\u1ea7u \u0111a d\u1ea1ng c\u1ee7a kh\u00e1ch h\u00e0ng. C\u00e1c d\u1ecbch v\u1ee5 n\u1ed5i b\u1eadt g\u1ed3m<\/span><span>\u00a0<\/span><a href=\"https:\/\/interdata.vn\/thue-hosting\/\">G\u00f3i Hosting ch\u1ec9 t\u1eeb 1K\/ng\u00e0y<\/a><span>, s\u1eed d\u1ee5ng \u1ed5 SSD NVMe v\u00e0 \u0111\u01b0\u1eddng truy\u1ec1n 1Gbps, ph\u00f9 h\u1ee3p cho doanh nghi\u1ec7p nh\u1ecf v\u00e0 c\u00e1 nh\u00e2n v\u1edbi chi ph\u00ed t\u1ed1i \u01b0u.<\/span><span>\u00a0<\/span><a href=\"https:\/\/interdata.vn\/thue-vps\/\">VPS gi\u00e1 r\u1ebb<\/a><span>, ph\u1ea7n c\u1ee9ng m\u1ea1nh m\u1ebd, linh ho\u1ea1t t\u00f9y ch\u1ec9nh, ph\u00f9 h\u1ee3p cho <a href=\"https:\/\/interdata.vn\/blog\/website-la-gi\/\">website<\/a> nhi\u1ec1u truy c\u1eadp ho\u1eb7c \u1ee9ng d\u1ee5ng ph\u1ee9c t\u1ea1p.<\/span><span>\u00a0<\/span><a href=\"https:\/\/interdata.vn\/cloud-server\/\">D\u1ecbch v\u1ee5 Cloud Server<\/a><span>\u00a0<\/span><span>linh ho\u1ea1t, d\u1ec5 n\u00e2ng c\u1ea5p t\u00e0i nguy\u00ean, s\u1eed d\u1ee5ng c\u00f4ng ngh\u1ec7 ti\u00ean ti\u1ebfn, \u0111\u1ea3m b\u1ea3o an to\u00e0n v\u00e0 \u1ed5n \u0111\u1ecbnh.<\/span><span>\u00a0<\/span><a href=\"https:\/\/interdata.vn\/vietnam-dedicated-server\">D\u1ecbch v\u1ee5 m\u00e1y ch\u1ee7 ri\u00eang<\/a><span>\u00a0<\/span><span>m\u1ea1nh m\u1ebd, IP \u0111\u1ed9c l\u1eadp, h\u1ed7 tr\u1ee3 24\/7, \u0111\u1ea3m b\u1ea3o hi\u1ec7u su\u1ea5t v\u00e0 an to\u00e0n d\u1eef li\u1ec7u cho doanh nghi\u1ec7p.<\/span><\/p>\n<p><strong>InterData<\/strong><\/p>\n<ul>\n<li><strong>Website:<\/strong><span>\u00a0<\/span>Interdata.vn<\/li>\n<li><strong>Hotline 24\/24:<\/strong><span>\u00a0<\/span>1900-636822<\/li>\n<li><strong>Email:<\/strong><span>\u00a0<\/span>Info@interdata.vn<\/li>\n<li><strong>VP\u0110D:<\/strong><span>\u00a0<\/span>240 Nguy\u1ec5n \u0110\u00ecnh Ch\u00ednh, P.11. Q. Ph\u00fa Nhu\u1eadn, TP. Ho\u0302\u0300 Ch\u00ed Minh<\/li>\n<li><strong>VPGD:<\/strong><span>\u00a0<\/span>S\u1ed1 211 \u0110\u01b0\u1eddng s\u1ed1 5, K\u0110T Lakeview City, P. An Ph\u00fa, TP. Th\u1ee7 \u0110\u1ee9c, TP. H\u1ed3 Ch\u00ed Minh<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Web Shell l\u00e0 m\u00e3 \u0111\u1ed9c nguy hi\u1ec3m cho ph\u00e9p tin t\u1eb7c x\u00e2m nh\u1eadp v\u00e0 ki\u1ec3m so\u00e1t m\u00e1y ch\u1ee7 web, t\u1eeb \u0111\u00f3 th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh vi \u0111\u1ed9c h\u1ea1i nh\u01b0 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u hay t\u1ea5n c\u00f4ng h\u1ec7 th\u1ed1ng. B\u00e0i vi\u1ebft n\u00e0y s\u1ebd gi\u1ea3i th\u00edch c\u00e1ch Web Shell ho\u1ea1t \u0111\u1ed9ng, c\u00e1ch tin t\u1eb7c t\u1ea5n c\u00f4ng, c\u00f9ng<\/p>\n","protected":false},"author":2,"featured_media":16558,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-16536","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-server"],"_links":{"self":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/posts\/16536","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/comments?post=16536"}],"version-history":[{"count":0,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/posts\/16536\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/media\/16558"}],"wp:attachment":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/media?parent=16536"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/categories?post=16536"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/tags?post=16536"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}