Weevely PHP Stealth Web Backdoor Kali Linux

Weevely is a stealth PHP web shell that
simulate an SSH-like connection. It is an essential tool for web
application post exploitation, and can be used as stealth backdoor or
as a web shell to manage legit web accounts, even free hosted ones.
After hacking into a website, a penetration tester used to
install/configure his/her backdoor on the web server to remotely
connect with the hacked server; the purpose to install the web
backdoor is vary and it totally depends on the nature of attack,
however the configuration process is almost same for all type of
attack.
The success of any hacking attack and
its post exploitation is highly depends on the technique and the
tools, Weevely is one of the renowned tool to get a shell access of a
web server. It is available on Kali linux and other Linux
distribution by default. Weevely is composed of more than 30 modules
to automate administration and post exploitation tasks:
  • Execute commands and browse remote
    filesystem, even with PHP security restriction
  • Audit common server
    misconfigurations
  • Run SQL console pivoting on target
    machine
  • Proxy your HTTP traffic through
    target
  • Mount target filesystem to local
    mount point
  • File transfer from and to target
  • Spawn reverse and direct TCP
    shells
  • Bruteforce SQL accounts through
    target system users
  • Run port scans from target
    machine
  • And so on..
The other notable functions of weevely
are:
  • Backdoor communications are hidden
    in HTTP Cookies
  • Communications are obfuscated to
    bypass NIDS signature detection
  • Backdoor polymorphic PHP code is
    obfuscated to avoid HIDS AV detection
If you are not using Kali or any other
Linux distribution created for hacking/penetration testing then you
have the python script of weevely from github.com
For the tutorial purpose, I am using
Kali linux:
Click on the terminal and type weevely
for the basic window.

To create a PHP backdoor, follow the
command:
weevely generate <password>
After that, all you need to do is just
upload your backdoor on the hacked server, and you can communicate to
your backdoor by using the following command:
weevely <url> <password>
After making connection with the
server, many tasks can be executed; for example:

P { margin-bottom: 0.08in; }

| :shell.sh | System shell
|
:shell.php | PHP shell
| :system.info | Collect system
informations
| :find.perms | Find files with write, read, execute
permissions
| :find.suidsgid | Find files with superuser flags
|
:backdoor.reversetcp | Send reverse TCP shell
| :backdoor.tcp |
Open a shell on TCP port
| :bruteforce.sql | Bruteforce SQL
username
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...

LOOKING FOR HACKING RECIPES FORM THE PRO?

Then sign up for FREE to the ehacking’s exclusive group. You will get the exclusive tips/tricks, tutorials, webinars & courses that I ONLY share with my fellow on this exclusive newsletter.