Weevely PHP Backdoor 0.7



 

Weevely is a stealth PHP web shell that simulate telnet-like connection. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones.

weevely-backdoor

Weevely is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.

Start with a quick Tutorial, read about Modules and Generators.

Ø  More than 30 modules to automatize administration and post exploitation

Ø  Execute commands and browse remote filesystem, even with PHP security restriction

Ø  Audit common server misconfigurations

Ø  Run SQL console pivoting on target machine

Ø  Open HTTP proxy to tunnel your traffic through target

Ø  Simple file transfer from and to target

Ø  Spawn reverse and direct TCP shells

Ø  Bruteforce passwords of target system users

Ø  Run port scans from target machine

Ø  Backdoor communications are hidden in HTTP Cookies

Ø  Communications are obfuscated to bypass NIDS signature detection

Ø  Backdoor polymorphic PHP code is obfuscated to avoid HIDS AV detection

Download

ABOUT THE AUTHOR
AbhiShek SinGh
Founder of 'TheHackingArticles'. Cyber Security Analyst, Cyber Security Researcher, and Software Engineer. Follow 'AbhiShek SinGh' on Facebook , Twitter or Google+ or via Email

Subscribe to stay up to date