Weevely is a PHP command-line web shell, usually used as a backdoor during the post-exploitation phase of a penetration test. The version 1.1 installed by default in Kali Linux is no longer supported, but version 3 is available on GitHub.
Generate the backdoor:
weevely generate.<mode> <password> <path>
The password is optional, but it is important for protecting your customer from other users: unwanted access to the backdoor can easily lead to full access to the server through privilege escalation. There are three kinds of backdoor available, but this functionality seems to have been removed in version 3.
- htaccess: a single .htaccess file is created containing the malicious code and the right Apache directive so that all .htaccess files are treated as regular PHP scripts
- img: given an existing image, Weevely concatenates the binary data and the malicious code, and also creates an .htaccess file telling Apache that the image should be treated as a regular PHP script (which means both files must be uploaded to the target server)
- php: this is the default; a single PHP script is generated
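From the defender's side, the two .htaccess-based layouts above leave a recognisable footprint: an .htaccess that maps extra extensions (or .htaccess itself) onto the PHP handler, and a PHP open tag inside an .htaccess or image file. The following scanner is an added example written for this post, not Weevely's code; the function names (scan_webroot, demo) and the sample web root it builds are constructed for illustration.

```python
"""Flag .htaccess/image files that match the backdoor layouts described above."""
import os
import re
import tempfile

# Apache directives that hand extra extensions to the PHP handler.
HANDLER_RE = re.compile(
    r"^\s*(AddType|AddHandler|SetHandler|ForceType)\b.*php", re.I | re.M
)
PHP_TAG_RE = re.compile(rb"<\?(php|=)")
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif"}


def scan_webroot(root):
    """Return a sorted list of (relative_path, reason) findings under root."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            with open(path, "rb") as fh:
                data = fh.read()
            ext = os.path.splitext(name)[1].lower()
            if name == ".htaccess":
                if HANDLER_RE.search(data.decode("latin-1")):
                    findings.append((rel, "htaccess maps extra extensions to PHP"))
                if PHP_TAG_RE.search(data):
                    findings.append((rel, "PHP code inside .htaccess"))
            elif ext in IMAGE_EXTS and PHP_TAG_RE.search(data):
                findings.append((rel, "PHP code appended to image"))
    return sorted(findings)


def demo():
    """Build a constructed web root with both layouts plus a benign file, then scan it."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "img"))
    # Constructed stand-in for the htaccess layout: directive plus a PHP tag (no real code).
    with open(os.path.join(root, ".htaccess"), "w") as fh:
        fh.write("AddType application/x-httpd-php .htaccess\n# <?php /* stub */ ?>\n")
    # Constructed stand-in for the img layout: fake JPEG bytes followed by a PHP tag.
    with open(os.path.join(root, "img", "logo.jpg"), "wb") as fh:
        fh.write(b"\xff\xd8\xff\xe0JFIF\x00" + b"<?php /* stub */ ?>")
    # Benign .htaccess that must not be flagged.
    with open(os.path.join(root, "img", ".htaccess"), "w") as fh:
        fh.write("Options -Indexes\n")
    return scan_webroot(root)
```

Run scan_webroot against a real document root to list suspicious files; the benign per-directory .htaccess in the demo shows it does not flag ordinary directives.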