DOKK / manpages / debian 12 / weevely / weevely.1.en
WEEVELY(1) User Commands WEEVELY(1)

Weevely - Weaponized web shell

A web shell designed for post-exploitation purposes that can be extended over the network at runtime.

Upload weevely PHP agent to a target web server to get remote shell access to it. Once connected you can make use of the more than 30 modules to assist administrative tasks, maintain access, provide situational awareness, elevate privileges, and spread into the target network.

Run terminal to the target
weevely <URL> <password> [cmd]
Generate backdoor agent
weevely generate <password> <path>
Load session file
weevely session <path>

Shell access to the target
SQL console pivoting on the target
HTTP/HTTPS proxy to browse through the target
Upload and download files
Spawn reverse and direct TCP shells
Audit remote target security
Run Meterpreter payloads
Port scan pivoting on target
Mount the remote filesystem
Bruteforce SQL accounts pivoting on the target

The agent is a small, polymorphic PHP script hardly detected by AV and the communication protocol is obfuscated within HTTP requests.

Module Description
:audit_filesystem Audit the file system for weak permissions.
:audit_suidsgid Find files with SUID or SGID flags.
:audit_disablefunctionbypass Bypass disable_function restrictions with mod_cgi and .htaccess.
:audit_etcpasswd Read /etc/passwd with different techniques.
:audit_phpconf Audit PHP configuration.
:shell_sh Execute shell commands.
:shell_su Execute commands with su.
:shell_php Execute PHP commands.
:system_extensions Collect PHP and webserver extension list.
:system_info Collect system information.
:system_procs List running processes.
:backdoor_reversetcp Execute a reverse TCP shell.
:backdoor_tcp Spawn a shell on a TCP port.
:backdoor_meterpreter Start a meterpreter session.
:bruteforce_sql Bruteforce SQL database.
:file_gzip Compress or expand gzip files.
:file_clearlog Remove string from a file.
:file_check Get attributes and permissions of a file.
:file_upload Upload file to remote filesystem.
:file_webdownload Download an URL.
:file_tar Compress or expand tar archives.
:file_download Download file from remote filesystem.
:file_bzip2 Compress or expand bzip2 files.
:file_edit Edit remote file on a local editor.
:file_grep Print lines matching a pattern in multiple files.
:file_ls List directory content.
:file_cp Copy single file.
:file_rm Remove remote file.
:file_upload2web Upload file automatically to a web folder and get corresponding URL.
:file_zip Compress or expand zip files.
:file_touch Change file timestamp.
:file_find Find files with given names and attributes.
:file_mount Mount remote filesystem using HTTPfs.
:file_enum Check existence and permissions of a list of paths.
:file_read Read remote file from the remote filesystem.
:file_cd Change current working directory.
:sql_console Execute SQL query or run console.
:sql_dump Multi dbms mysqldump replacement.
:net_mail Send mail.
:net_phpproxy Install PHP proxy on the target.
:net_curl Perform a curl-like HTTP request.
:net_proxy Run local proxy to pivot HTTP/HTTPS browsing through the target.
:net_scan TCP Port scan.
:net_ifconfig Get network interfaces addresses.

https://github.com/epinna/weevely3/wiki

weevely is developed by The Weevely Developers, this manpage was made by Emilio <epinna> and Samuel Henrique <samueloph@debian.org> based on weevely's README.md and can be used by other projects as well.

October 2018 weevely 3.7.0