Weevely – PHP Stealth Tiny Web Shell

Keep on Guard!


Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones.

Weevely is currently included in Backtrack and Backbox and all the major Linux distributions oriented for penetration testing.

  • More than 30 modules to automatize administration and post exploitation tasks:
    • Execute commands and browse remote filesystem, even with PHP security restriction
    • Audit common server misconfigurations
    • Run SQL console pivoting on target machine
    • Proxy your HTTP traffic through target
    • Mount target filesystem to local mount point
    • Simple file transfer from and to target
    • Spawn reverse and direct TCP shells
    • Bruteforce SQL accounts through target system
    • Run port scans from target machine
    • And so on..
  • Backdoor communications are hidden in HTTP Cookies
  • Communications are obfuscated to bypass NIDS signature detection
  • Backdoor polymorphic PHP code is obfuscated to avoid HIDS AV detection

You can download Weevely v1.0 here:

weevely-1.0.tar.gz

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking

,


Latest Posts:


BootStomp - Find Bootloader Vulnerabilities BootStomp – Find Android Bootloader Vulnerabilities
BootStomp is a Python-based tool, with Docker support that helps you find two different classes of bootloader vulnerabilities and bugs.
Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018 Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018
Google is ramping up its campaign against HTTP only sites and is going to mark ALL Non-HTTPS sites insecure in July 2018 with the release of Chrome 68.
altdns - Subdomain Recon Tool With Permutation Generation altdns – Subdomain Recon Tool With Permutation Generation
Altdns is a subdomain recon tool in Python that allows for the discovery of subdomains that conform to patterns. The tool takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of.
0-Day Flash Vulnerability Exploited In The Wild 0-Day Flash Vulnerability Exploited In The Wild
So another 0-Day Flash Vulnerability is being exploited in the Wild, a previously unknown flaw which has been labelled CVE-2018-4878 and it affects 28.0.0.137 and earlier versions
dorkbot - Command-Line Tool For Google Dorking dorkbot – Command-Line Tool For Google Dorking
dorkbot is a modular command-line tool for Google dorking, which is performing vulnerability scans against a set of web pages returned by Google search queries in a given Google Custom Search Engine.
USBPcap - USB Packet Capture For Windows USBPcap – USB Packet Capture For Windows
USBPcap is an open-source USB Packet Capture tool for Windows that can be used together with Wireshark in order to analyse USB traffic without using a Virtual Machine.


Comments are closed.