An attacker can get a shell if if you just only have a single service running on the server at port 80 i.e. HTTPD. Now, In this scenario a single vulnerability in the server that allows an attacker to execute a command is sufficient for an intelligent hacker to gain interactive shell access.
Lets say if the target server is running a script called PHF or any other script or program that allows an attacker to execute commands. So, in this tutorial we are considering that the target server is running PHF script that used to come default with the older versions of Apache web server, and UNIX X Windows system. X is a windowing facility that allows many different programs to share a graphical display which is extremely robust and allows X based client programs to display their output to the local X server or to a remote X server running on ports 6000-6003.