Weevely – is a PHP webshell that provides SSH connection to manage website remotely. it can be used as a backdoor system to PoC during a pentest or a web shell to manage legit web accounts. The shell consists of more then 30 modules to automate both administrative and post-operational tasks including:
- Execute commands and browse remote filesystem, even with PHP security restriction
- Audit common server misconfigurations
- Run SQL console pivoting on target machine
- Proxy your HTTP traffic through target
- Mount target filesystem to local mount point
- Simple file transfer from and to target
- Spawn reverse and direct TCP shells
- Bruteforce SQL accounts through target system
- Run port scans from target machine.
First of all penetration tester needs to generate the php backdoor file with password of connection. Next upload the weevely.php file to the webserver that is generated by the tool, weevely will automatically detects the best way to execute the commands on targeted system. Weevely communications are hidden in HTTP Cookies and is obfuscated to bypass NIDS signature detection. if you are using Backtrack you can find the tool already integrated under /pentest/web/backdoors/. it is also possible to find it on BackBox.
To download and use Weevely make sure to follow this link.