{"id":3961,"date":"2015-09-19T02:39:40","date_gmt":"2015-09-18T18:39:40","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3961"},"modified":"2015-09-19T02:43:01","modified_gmt":"2015-09-18T18:43:01","slug":"weevely-3-weaponized-php-web-shell","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2015\/09\/weevely-3-weaponized-php-web-shell\/","title":{"rendered":"Weevely 3 – Weaponized PHP Web Shell"},"content":{"rendered":"
Weevely is a command line weaponized PHP web shell dynamically extended over the network at runtime and is designed for remote administration and pen testing. It provides a telnet-like console through a PHP script running on the target, even in restricted environments.<\/p>\n
The low footprint agent and over 30 modules shape an extensible framework to administrate, conduct a pen-test, post-exploit, and audit remote web accesses in order to escalate privileges and pivot deeper in the internal networks.<\/p>\n
<\/p>\n
The remote agent is a very low footprint PHP script that receives dynamically injected code from the client, extending the client functionalities over the network at run-time. The agent code is polymorphic and hardly detectable by AV and HIDS. The communication is covered and obfuscated within the HTTP protocol using steganographic techniques.<\/p>\n
We did mention Weevely a couple of years back at v1.0: Weevely \u2013 PHP Stealth Tiny Web Shell<\/a><\/p>\n Weevely also provides python API which can be used to develop your own module to implement internal audit, account enumerator, sensitive data scraper, network scanner, make the modules work as a HTTP or SQL client and do a whole lot of other cool stuff.<\/p>\n You can download Weevely here:<\/p>\nModule Features<\/h3>\n
\n
What’s New<\/h3>\n
\n