Earlier today someone uploaded a php shell to one of my web servers. Luckily there was no possible way for them to get it to run.
The shell seems to be called ashshell and written by Erisim Engellendi. From browsing the source it seems pretty full featured. Looks like it even includes functions to access and dump running mysql databases. Maybe I'll run it just to see what it does.... then again maybe not.
A google search on some identifying strings don't seem to turn up any information (at least not in english).
Seems like someone in the security field would be interested in collecting shells like this one, but maybe they are too common to bother collecting now?
I will probably forget that I have it by tommorow and that will be the end of it.