This case demonstrates a classic but still deeply effective tactic: the use of an improperly validated file upload to implant a web shell. It wasn’t an exploit. It wasn’t a brute force attack. It was a misused feature — a vulnerable application logic path that let an attacker turn a web server into a foothold.