Generating a PHP Backdoor with Weevely – Post Exploitation

What is Weevely?

Weevely is a web shell designed for remote server administration and penetration testing that can be extended over the network at runtime with more than 30 modules.

It executes remote code via an obfuscated PHP agent located on the compromised HTTP server. It fits both web administration and penetration testing post-exploitation scenarios: maintaining access, providing situational awareness, escalating privileges, and moving laterally in the network. Its capabilities include:

  • Run operating system commands in a terminal
  • Pivot SQL console on the target
  • Proxy HTTP traffic on the target
  • Audit remote target
  • Mount the remote filesystem
  • Pivot port scan on target
  • Upload and download files
  • Spawn reverse and direct TCP shells
  • Upgrade to Meterpreter session
  • Bruteforce SQL accounts
  • Manage natively compressed archives