Shell shoveling, innetwork security, is the act ofredirecting theinput and output of ashell to a service so that it can be remotely accessed, aremote shell.[1]
Incomputing, the most basic method of interfacing with the operating system is the shell. OnMicrosoft Windows based systems, this is a program calledcmd.exe orCOMMAND.COM. OnUnix orUnix-like systems, it may be any of a variety of programs such asbash,ksh, etc. This program accepts commands typed from a prompt and executes them, usually in real time, displaying the results to what is referred to asstandard output, usually a monitor or screen.
In the shell shoveling process, one of these programs is set to run (perhaps silently or without notifying someone observing the computer) accepting input from a remote system and redirecting output to the same remote system; therefore the operator of theshoveled shell is able to operate the computer as if they were present at the console.[2]