New features :
– Add new module :file_grep for simulate a unix-like grep
– Add new module :net_curl for HTTP requests
Weevely is a PHP web shell that provides a weaponized telnet-like interface to administrate a remote web access.
It is a swiss army knife to administrate a web account, even in restricted remote environments. Weevely is an essential tool for web application post exploitation, access maintaining, target security audit, pivot deeper in the target network, and much more.
The modular framework
Weevely modules extend the terminal providing a layer to interact to the remote target.
The modules feature:
– Shell/PHP telnet-like network terminal
– Common server misconfigurations auditing
– SQL console pivoting on target network
– HTTP traffic proxy through target
– Mount target file system to local mount point
– Run scans or pivoted exploiting through target network
– File transfer from and to target
– Spawn reverse and direct TCP shells
– Bruteforce SQL accounts through target system users
– The backdoor agent
The backdoor agent :
The remote agent is a very low footprint agent that receives the dynamically injected code from the client, extending the client functionalities over the network at run-time. The agent code is polymorphic and hardly detectable by AV and HIDS. The communication is covered and obfuscated within the HTTP protocol using steganographic techniques.
Weevely is tested on Linux environments, with Python 2.7. and certain libraries installed.