¨Every minute, Reverse WWW Shell
server will contact the master to retrieve commands issued by
the attacker
¨Reverse WWW Shell server executes
the commands, sends the results to Reverse WWW Shell master
(via http request), and retrieves the next command (via http reply)
¨Victim machine appears to be a web
client sending HHTP Get commands while attacker’s machine appears to be
a web server