How to Make a Backdoor for PHP Websites using Weevely?

Hacker’s usually leave Backdoor behind so they can come in handy for a variety of reasons. Once you got access to your target server Backdoor is the quickest way into machines they’re working on, or for systems administrators who want similar access.

Weevely will make a terminal on the objective server and consider remote code activities by means of a little impression PHP specialist. It incorporates more than 30 modules for organization and support needs, and in addition benefit acceleration and even system parallel development. Think about those facilitating accounts you utilize that secure your get to—this can prove to be useful there, and on different servers, you’ve effectively penetrated.

First Download Weevely

If you’re using Kali Liunx then it is pre-installed in it.

First Download Weevely

Download the Git file:

Download via HTTP right now in your browser:

Download via wget (in your terminal):

Creating Backdoor using Weevely!

It’s time for creating your own Backdoor using Weevely.

weevely generate yourpassword backdoor.php

It would be better if you rename backdoor.php to something else!

Now it’s time to test your backdoor.. by uploading it to targeted server. I’m uploading the backdoor in my own apache server.

How to start Apache server in Kali Linux?

Apache is pre-installed in Kali Linux you can simply run localhost by typing a simple command in terminal.

Open up your terminal and write.

service apache2 start

service apache2 stop

service apache2 restart

That’s what comes after starting the apache on localhost.

And now we’re gonna upload our backdoor.php inside /var/www/html folder.

Once you have uploaded your backdoor.php inside server it’s time to connect to our backdoor. First let’s check how it looks when we open that file in browser.

 

It’s a blank screen! if you wanted to hide your backdoor from getting caught you should be doing something smart to hide it not just leave it there with name backdoor.php or something else which doesn’t work.

I would suggest you rename it to phpinfo.php And add a code inside it.

<?php

       phpinfo();

?>

When you put that phpinfo(); code inside your backdoor. That will show all your information about php server and apache in your browser.. that will be the bit confusing for administrator or owner.

So, now that your done with uploading and setting up… it’s time to access your backdoor which we have created now.

weevely http://localhost/backdoor.php password

Simply typing :help at this point will show you all the things you’re able to try right out of the box.

Weevely has more than 30 modules built in, so there’s a lot to work with here. For example, file_ls does exactly what you’d think, and file_cp might let you copy a file as long as you have worked out your from and to paths just like on a local system. You might be able to grab a whole lot at once with file_tar, then use cp to have a lot of reading.

There are ways to elevate your rights from within Weevely, so if you have elevated rights on the server, you can do basically everything with it. You might be able to get a few clues on your target system with audit_password. Just remember to stay on the down-low here, to both save yourself time and effort if you’re messing with your own system, and to remain quiet if on other systems.

Troubleshooting

Did you run into any errors during this exercise? I’m running on a new system that’s a bit bare-boned, so while I was able to unzip the master.zip directory and see the files it contained, I was not initially able to get Weevely’s Python script to run correctly.

So if you run into the same issue and see something like this:

  • ImportError: No module named prettytable

Just run something like this, replacing the module name with whatever one is missing:

  • $ sudo apt install python-prettytable

If you have any more issues running this script as a backdoor, let me know in the comments below, and I’ll see what I can do.

Back to top button
Close