Weevely – Stealth tiny web shell
Weevelyis a stealth PHP web shell that simulate telnet-like connection. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones.Main features:
* More than 30 modules to automatize administration and post exploitation tasks
o Execute commands and browse remote filesystem, even with PHP security restriction
o Audit common server misconfigurations
o Run SQL console pivoting on target machine
o Simple file transfer from and to target
o Spawn reverse and direct TCP shells
o Bruteforce passwords of target system users
* Backdoor communications are hidden in HTTP Cookies
* Communications are obfuscated to bypass NIDS signature detection
* Backdoor polymorphic PHP code is obfuscated to avoid HIDS AV detection
* More than 30 modules to automatize administration and post exploitation tasks
o Execute commands and browse remote filesystem, even with PHP security restriction
o Audit common server misconfigurations
o Run SQL console pivoting on target machine
o Simple file transfer from and to target
o Spawn reverse and direct TCP shells
o Bruteforce passwords of target system users
* Backdoor communications are hidden in HTTP Cookies
* Communications are obfuscated to bypass NIDS signature detection
* Backdoor polymorphic PHP code is obfuscated to avoid HIDS AV detection
changes latest version : Fixed help prints
For How To Usage and Modules List Right Here
Download Version : epinna-weevely.zip(115 KB) | weevely-0.6.tar.gz (45KB)
Read more in here : http://disse.cting.org/
