highexperimentalLinuxAI/MLT1505.003

LLM Service Writing Web Executable Content

Detects LLM service processes writing PHP, JavaScript, or HTML files to web server root directories. This indicates the model may be generating and deploying web shells or malicious web content triggered by prompt injection.

Updated Jan 15, 2025 · Detection Engineering Team

llmimproper-outputlinuxweb-shellowasp-llm05

Problem Statement

Writing executable web content (PHP, JS) to web server paths creates persistent remote code execution capabilities. When triggered from an LLM process this represents prompt injection achieving web shell deployment.

Sample Logs

{"timestamp":"2025-01-15T21:14:08Z","computer_name":"llm-host-01","user":"llm_svc","image":"/opt/llm/app/file_writer.py","target_filename":"/var/www/html/shell.php","event_type":"file_create"}

Required Fields

image

target_filename

user

computer_name

False Positives

·LLM web development tools that intentionally write generated code to a local preview web server

Tuning Guidance

LLM service accounts should never have write access to web server root directories. This is a high-fidelity indicator with minimal expected false positives in production.