Linux cli command weevely

➡ A Linux man page (short for manual page) is a form of software documentation found on Linux and Unix-like operating systems. This man-page explains the command weevely and provides detailed information about the command weevely, system calls, library functions, and other aspects of the system, including usage, options, and examples of _. You can access this man page by typing man followed by the weevely.

3 minute read

NAME 🖥️ weevely 🖥️

Weaponized web shell

DESCRIPTION

A web shell designed for post-exploitation purposes that can be extended over the network at runtime.

Upload weevely PHP agent to a target web server to get remote shell access to it. Once connected you can make use of the more than 30 modules to assist administrative tasks, maintain access, provide situational awareness, elevate privileges, and spread into the target network.

SYNOPSIS

Run terminal to the target
weevely <URL> <password> [cmd]

Generate backdoor agent
weevely generate <password> <path>

Load session file
weevely session <path>

Features

Shell access to the target
SQL console pivoting on the target
HTTP/HTTPS proxy to browse through the target
Upload and download files
Spawn reverse and direct TCP shells
Audit remote target security
Run Meterpreter payloads
Port scan pivoting on target
Mount the remote filesystem
Bruteforce SQL accounts pivoting on the target

Agent

The agent is a small, polymorphic PHP script hardly detected by AV and the communication protocol is obfuscated within HTTP requests.

Modules

Module	Description
:audit_filesystem	Audit the file system for weak permissions.
:audit_suidsgid	Find files with SUID or SGID flags.
:audit_disablefunctionbypass	Bypass disable_function restrictions with mod_cgi and .htaccess.
:audit_etcpasswd	Read /etc/passwd with different techniques.
:audit_phpconf	Audit PHP configuration.
:shell_sh	Execute shell commands.
:shell_su	Execute commands with su.
:shell_php	Execute PHP commands.
:system_extensions	Collect PHP and webserver extension list.
:system_info	Collect system information.
:system_procs	List running processes.
:backdoor_reversetcp	Execute a reverse TCP shell.
:backdoor_tcp	Spawn a shell on a TCP port.
:backdoor_meterpreter	Start a meterpreter session.
:bruteforce_sql	Bruteforce SQL database.
:file_gzip	Compress or expand gzip files.
:file_clearlog	Remove string from a file.
:file_check	Get attributes and permissions of a file.
:file_upload	Upload file to remote filesystem.
:file_webdownload	Download an URL.
:file_tar	Compress or expand tar archives.
:file_download	Download file from remote filesystem.
:file_bzip2	Compress or expand bzip2 files.
:file_edit	Edit remote file on a local editor.
:file_grep	Print lines matching a pattern in multiple files.
:file_ls	List directory content.
:file_cp	Copy single file.
:file_rm	Remove remote file.
:file_upload2web	Upload file automatically to a web folder and get corresponding URL.
:file_zip	Compress or expand zip files.
:file_touch	Change file timestamp.
:file_find	Find files with given names and attributes.
:file_mount	Mount remote filesystem using HTTPfs.
:file_enum	Check existence and permissions of a list of paths.
:file_read	Read remote file from the remote filesystem.
:file_cd	Change current working directory.
:sql_console	Execute SQL query or run console.
:sql_dump	Multi dbms mysqldump replacement.
:net_mail	Send mail.
:net_phpproxy	Install PHP proxy on the target.
:net_curl	Perform a curl-like HTTP request.
:net_proxy	Run local proxy to pivot HTTP/HTTPS browsing through the target.
:net_scan	TCP Port scan.
:net_ifconfig	Get network interfaces addresses.

AUTHOR

weevely is developed by The Weevely Developers, this manpage was made by Emilio <epinna> and Samuel Henrique <[email protected]> based on weevely’s README.md and can be used by other projects as well.

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

  █║▌│║█║▌★ KALI ★ PARROT ★ DEBIAN 🔴 PENTESTING ★ HACKING ★ █║▌│║█║▌

              ██╗ ██╗ ██████╗  ██████╗ ██╗  ██╗███████╗██████╗
             ████████╗██╔══██╗██╔═══██╗╚██╗██╔╝██╔════╝██╔══██╗
             ╚██╔═██╔╝██║  ██║██║   ██║ ╚███╔╝ █████╗  ██║  ██║
             ████████╗██║  ██║██║   ██║ ██╔██╗ ██╔══╝  ██║  ██║
             ╚██╔═██╔╝██████╔╝╚██████╔╝██╔╝ ██╗███████╗██████╔╝
              ╚═╝ ╚═╝ ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═════╝

               █║▌│║█║▌ WITH COMMANDLINE-KUNGFU POWER █║▌│║█║▌

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.