Weaponized Web Shell: weevely3

Weevely is a command line web shell dynamically extended over the
network at runtime designed for remote administration and pen testing.
It provides a weaponized telnet-like console through a PHP script
running on the target, even in restricted environments.

The low footprint agent and over 30 modules shape an extensible
framework to administrate, conduct a pen-test, post-exploit, and audit
remote web accesses in order to escalate privileges and pivot deeper in
the internal networks.

The modules feature:

  • Shell/PHP telnet-like network terminal
  • Common server misconfigurations auditing
  • SQL console pivoting on target
  • HTTP traffic proxying through target
  • Mount target file system to local mount point
  • Conduct network scans pivoting on target
  • File upload and download
  • Spawn reverse and direct TCP shells
  • Bruteforce services accounts
  • Compress and decompress zip, gzip, bzip2 and tar archives

Weevely Discussed Before

The backdoor agent

The remote agent is a very low footprint php script that receives
dynamically injected code from the client, extending the client
functionalities over the network at run-time. The agent code is
polymorphic and hardly detectable by AV and HIDS. The communication is
covered and obfuscated within the HTTP protocol using steganographic
techniques.

Download & Read More:

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Exploit Heartbleed using Metasploit in Kali Linux

Heartbleed vulnerability (registered as CVE-2014-0160) is a security bug present in the older version of OpenSSL cryptographic library. OpenSSL is a cryptographic toolkit used...

How to Install Parrot Security OS on VirtualBox in 2020

Parrot Security OS is a free GNU/LINUX distribution, released on 10th April 2013. It is a mixture of Kali Linux and Frozenbox OS, aims to...

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...