I ended up rewriting this web shell idea as a burp plugin. If some conditions are met, it will offers tab-completion, command history and persistence… just by leveraging an OS Command injection vulnerability and without the need of uploading a web shell or creating a bind or reverse shell.

Burp Shell Demo

You can find the plugin here:

You can find the article describing its use and principles here: