This is the quick-hit version of the second of three parts of Introduction to Cryptography training I gave. As with all of the formal training, you can use the below for a quick reference, or view the full presentation here.
Sometimes you just need a quick PHP webshell to complement your RFI vulnerability you’ve uncovered. There are plenty of “fancy” ones with lots of features, but I prefer simple, effective, command-line equivalent access any day. If you’re of that persuasion as well, just use this as the target of your RFI to give yourself Hermit’s Stupidly Simple WebShell (HSSWS). Enjoy!