The main thing is that the victim opens it, then all the russian phone number list passwords will be sent to the attacker's server. Next, using the parser, you can view the reports downloaded from the server, which will contain all the information about your system and passwords. How to protect your website from viruses How to protect your website from viruses A little bit about shells If your site has been hacked, and you have cleaned the files, changed the passwords, it does not mean that the site is safe.
Perhaps you have a shell leaked, which means that access to your site will be open at any time for the one who leaked it. There are a lot of shells at the moment, some with a web interface, some working through the command line. This is what a shell looks like: How to protect your website from viruses How to protect your website from viruses As we can see, there is everything here, in fact - this is a full-fledged site admin panel.
There is access to all files and changing rights. There is a console for executing PHP code, we can also access the database. As a rule, the first thing a hacker does after getting a password or finding a vulnerability on a website is to upload a shell. The file is usually hidden deep inside, all shell call functions are encoded.