Weevely is a stealth PHP web shell that is designed for remote server administration and penetration testing.
It simplifies the administration of your web account, especially with unprivileged accounts such as free hosting services and other shared environments. It is an essential tool for post exploitation tasks like privilege escalation and access maintained even in restricted environments, and can be used as stealth backdoor.
- SQL console pivoted on target
- HTTP proxy pivoted on target
- Host configuration security auditing
- Mount of the remote filesystem
- Network scan pivoted on target
- Reverse and direct TCP shell
- Service account Bruteforce
- Compressed archive management
The remote agent is a small PHP script which can extend its functionality over the network at run-time. The agent code is polymorphic and hardly detectable by AV and the traffic is obfuscated within the HTTP requests.
Weevely also provides python API to develop your own modules.