Lab 8.1 - Adam-Hachem/SEC335 GitHub Wiki

Useful commands:

This lab was all about Weevely. Check my dedicated Weevely page for more info and instructions on how to use it.

Reflection:

This lab, we learned to obfuscate the data flowing through a webshell. Weevely streamlines this by implementing its own password-based encryption that makes the traffic unreadable, lowering the chances that defensive measures will detect the intrusion. In Wireshark, we could see that our simple webshells had their data transmitted in plaintext, but the Weevely webshell couldn't be deciphered.