Lab 8.1: Weevely - morgan-hanrahan/Tech-Journal GitHub Wiki

Reflection

In this lab, we investigated the TCP streams for a normal webshell, worked with Weevely to construct a PHP agent and run a session, and evaluated the Weevely TCP stream in Wireshark. This lab was quite simple for me, and I had no problems. I had previously worked extensively with Wireshark, so I was able to traverse it very well. I like working with Weevely and would like to see what else the tool may be used for.

Weevely

Weevely consists of three basic functions: terminal, session, and generate.

  • terminal: Allows you to run a terminal or command on the target
  • session: Allows you to recover an existing session
  • generate: Allows you to generate a new agent

In this lab, anonymous FTP was used to upload a file to http://10.0.5.25/upload/mh.php. Using the command weevely generate password ~/sec335/Tech-Journal/week8/mh.php, I was able to generate a PHP agent to the site. Next, I was able to run the command weevely http://10.0.5.25/upload/mh.php password to carry on the Weevely session.
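
Added example (not part of the original lab write-up): a defender-side check for the pattern described above, where a script file arrives by anonymous FTP and is then requested over HTTP. It assumes the FTP server writes standard xferlog lines, the web server writes Apache combined logs, and the FTP path equals the URL path; all log lines and client addresses are constructed.

```python
import re

# Constructed sample logs (not from the lab); client addresses are made up.
XFERLOG = """\
Thu Mar 14 10:12:01 2024 1 10.0.5.99 742 /upload/mh.php b _ i a anon@example ftp 0 * c
Thu Mar 14 10:13:40 2024 1 10.0.5.99 2048 /upload/notes.txt b _ i a anon@example ftp 0 * c
Thu Mar 14 10:15:02 2024 1 10.0.5.77 900 /upload/report.php b _ i r alice ftp 0 * c
"""
ACCESS_LOG = """\
10.0.5.99 - - [14/Mar/2024:10:12:30 +0000] "POST /upload/mh.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.5.99 - - [14/Mar/2024:10:12:31 +0000] "POST /upload/mh.php HTTP/1.1" 200 498 "-" "Mozilla/5.0"
10.0.5.50 - - [14/Mar/2024:10:14:00 +0000] "GET /upload/notes.txt HTTP/1.1" 200 2048 "-" "curl/8.0"
"""
SCRIPT_EXT = (".php", ".phtml", ".phar")  # extensions the web server may execute
REQ = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def anonymous_script_uploads(xferlog):
    """Return {path: uploader_ip} for completed anonymous uploads of script files."""
    uploads = {}
    for line in xferlog.splitlines():
        f = line.split()
        # xferlog fields: 6=remote host, 8=filename, 11=direction (i=incoming),
        # 12=access mode (a=anonymous), 17=completion status (c=complete)
        if (len(f) >= 18 and f[11] == "i" and f[12] == "a" and f[17] == "c"
                and f[8].lower().endswith(SCRIPT_EXT)):
            uploads[f[8]] = f[6]
    return uploads

def correlate(xferlog, access_log):
    """Flag anonymously uploaded scripts that were then served successfully over HTTP."""
    uploads = anonymous_script_uploads(xferlog)
    hits = {}
    for line in access_log.splitlines():
        m = REQ.match(line)
        if not m:
            continue
        client, _method, url, code = m.groups()
        path = url.split("?", 1)[0]  # assumption: FTP path == URL path
        if path in uploads and code.startswith("2"):
            h = hits.setdefault(path, {"uploader": uploads[path],
                                       "requests": 0, "clients": set()})
            h["requests"] += 1
            h["clients"].add(client)
    return hits

if __name__ == "__main__":
    for path, info in correlate(XFERLOG, ACCESS_LOG).items():
        print(path, info)
```

Any hit means the upload directory both accepts anonymous writes and executes scripts; disabling either one removes the path the lab relied on.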