Hello friends, welcome back. As we know, file upload vulnerabilities occur in most web applications. They have a critical impact because they allow an attacker to upload a malicious backdoor, also called a shell, which lets the attacker control the whole system remotely.
There are different methods to exploit a file upload vulnerability: you can use popular shells, or generate a shell with the Metasploit Framework or Weevely. Today we are going to learn about a tool called Weevely.
Weevely is a weaponized PHP shell that can establish a telnet-like connection. It is used for web application post-exploitation, meaning to create a backdoor and manage it with commands, protected by a specific password.
First, let’s see how to create a backdoor with Weevely and a specific password, using the command “weevely generate 12345 shell00.php”, where 12345 is the password that we need to use when we execute commands on the victim machine.
Setting up DVWA is very easy, or you can use Metasploitable 2, which already contains it. Log in with the default credentials and go to the file upload/upload lab to play the game, as shown in the image below.
After the backdoor is uploaded successfully, an attacker needs to find the location of that file, which sometimes requires directory fuzzing; since this is a lab, it shows the URL after the file is uploaded. The attacker is then able to execute commands according to the targeted operating system.
The above images show commands executing on the target system, in the form weevely [URL] [Password] [Command], e.g. “weevely http://192.168.x.x/dvwa/hackable/uploads/shell00.php 12345 whoami”.
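
On the defending side, the access pattern described above leaves a trace in the web server access log: requests for a server-side script inside the upload directory, which should only ever serve static files. The Python below is an added example, not part of the original post; the log lines are constructed samples, the function names are hypothetical, and the upload path is assumed from the lab URL above.

```python
import re
from collections import Counter

# Combined/common log format: ip, ident, user, [time], "METHOD target PROTO", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Extensions commonly mapped to the PHP handler; matched case-insensitively.
SCRIPT_RE = re.compile(r"\.(php\d?|phtml|phar)$", re.IGNORECASE)
# Assumption: upload directory taken from the lab URL in the post.
UPLOAD_DIRS = ("/hackable/uploads/",)

# Constructed sample log lines for the demo (not captured traffic).
SAMPLE_LOG = """\
192.168.56.10 - - [01/Jan/2024:10:00:01 +0000] "POST /dvwa/vulnerabilities/upload/ HTTP/1.1" 200 4821 "-" "-"
192.168.56.10 - - [01/Jan/2024:10:00:09 +0000] "POST /dvwa/hackable/uploads/shell00.php HTTP/1.1" 200 312 "-" "-"
192.168.56.10 - - [01/Jan/2024:10:00:12 +0000] "POST /dvwa/hackable/uploads/shell00.php HTTP/1.1" 200 298 "-" "-"
192.168.56.22 - - [01/Jan/2024:10:01:30 +0000] "GET /dvwa/hackable/uploads/avatar.png HTTP/1.1" 200 10233 "-" "-"
192.168.56.22 - - [01/Jan/2024:10:02:02 +0000] "GET /dvwa/hackable/uploads/notes.PhP5?x=1 HTTP/1.1" 404 199 "-" "-"
"""

def find_upload_script_hits(log_text, upload_dirs=UPLOAD_DIRS):
    """Return (ip, method, path, status) for script requests under an upload dir."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, method, target, status = m.groups()
        path = target.split("?", 1)[0]  # ignore the query string
        if any(d in path for d in upload_dirs) and SCRIPT_RE.search(path):
            hits.append((ip, method, path, int(status)))
    return hits

def served_scripts(hits):
    """Count hits per path answered with HTTP 200 (the file exists and was handled)."""
    return Counter(path for _, _, path, status in hits if status == 200)

if __name__ == "__main__":
    found = find_upload_script_hits(SAMPLE_LOG)
    for hit in found:
        print("suspicious:", hit)
    print("served:", dict(served_scripts(found)))
```

A 200 response on such a path is the high-priority case; a 404 still shows someone probing the upload directory for scripts.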