Software Development Exam > Software Development Videos > Get to know Ethical Hacking (English) > Generating A PHP Backdoor with weevely - Post Exploitation
Generating A PHP Backdoor with weevely - Post Exploitation Video Lecture | Get to know Ethical Hacking (English) - Software Development
FAQs on Generating A PHP Backdoor with weevely - Post Exploitation Video Lecture - Get to know Ethical Hacking (English) - Software Development
| 1. What is weevely and how can it be used to generate a PHP backdoor? |  |
Ans. Weevely is a web shell that allows attackers to gain unauthorized access to a web server. It is typically used for post-exploitation activities. Weevely can be used to generate a PHP backdoor by creating a malicious PHP script that is uploaded to the target server. This script can then be executed remotely, giving the attacker control over the server.
| 2. Is weevely a legal tool? | |
Ans. Weevely itself is a legitimate tool used for legitimate purposes, such as testing the security of web servers. However, using weevely for illegal activities, such as unauthorized access or data theft, is illegal and can result in criminal charges.
| 3. What are some common post-exploitation activities that can be performed using weevely? | |
Ans. Once a PHP backdoor is generated using weevely, an attacker can perform various post-exploitation activities. Some common activities include:
- Uploading, downloading, or modifying files on the target server.
- Running system commands to gather information or execute malicious actions.
- Accessing databases and extracting sensitive information.
- Creating new user accounts or modifying existing ones.
- Defacing websites or altering their content.
| 4. How can organizations protect themselves against weevely attacks? | |
Ans. To protect against weevely attacks, organizations should consider the following measures:
- Regularly update and patch web server software to address any vulnerabilities that could be exploited by weevely.
- Implement strong access controls, including secure passwords and proper user permissions.
- Use a web application firewall (WAF) to detect and block suspicious activities.
- Monitor server logs and network traffic for any signs of unauthorized access or unusual behavior.
- Conduct regular security audits and penetration testing to identify and fix any vulnerabilities before they can be exploited.
| 5. Is it possible to detect the presence of weevely on a compromised server? | |
Ans. Detecting the presence of weevely on a compromised server can be challenging as it is designed to be stealthy. However, some indicators that may suggest the presence of weevely include:
- Unusual or unexpected PHP files or scripts on the server.
- Suspicious network traffic patterns, such as connections to known weevely command and control servers.
- Unusual system behaviors, such as high CPU or memory usage.
- Anomalous log entries or unexpected modifications to log files.
To increase the chances of detection, organizations can use intrusion detection systems (IDS) or security monitoring tools that specialize in detecting web shell activity.
Text Transcript from Video
[Music]
hey guys hacky sploit here back again
with another video and this video we're
gonna be looking at how to generate a
back door or a PHP back door with we've
Lee alright so you might have heard of
Weebly or you might not have heard of
we've Lee and essentially what we've lee
is it is a PHP shell that will give you
a connection like SSH so that you know
you can execute system commands and it
essentially gives you backdoor access to
the server that or you know the target
that you have hacked all right so it
comes pre-installed with Kali Linux and
the parrot OS so you're pretty much good
to go otherwise you can find it in
github it's very very easily
just search for it on git github it's
we've Li W double e VL la vie ly okay
so it offers a lot of a lot of post
exploitation
you know advantages in the sense that
you can you can spawn reverse shelves
you can execute commands and you know
that is pretty much all you're gonna
need once you once you have exploited a
server you know you want to live you
want to maintain access in that server
whenever you like and we've Lee is
fantastic it's actually really really
powerful now I know I actually mentioned
on the community section that we'll be
making a video on nikto and and you know
things like the Medusa or for the other
web vulnerability scanners but actually
I'm going to be working on an entire new
series for that because it is a large
topic and I don't think that I can cover
it you know I can give it its full I can
cover it to its maximum potential few
set of videos so I'll be working on a
large project for that so as we did in
the previous video and you're hacking
WordPress we managed to brute force the
WordPress installation we got the
username and password so we have got we
have we have successfully exploited the
system now we need to maintain access so
it's getting a little more interesting
so I already have the WordPress server
running and I already know the password
so I'm just going to go to the they way
it's already loaded up so I'm just gonna
log in now
oh it's actually logged in already so I
can just go to WordPress admin dot PHP
like so and there we are alright so we
are already logged in and now as I said
you know we can upload a PHP file that
if we redirect to and we obviously know
the name of the PHP file if we upload it
to the local directory it means that the
web page will process your request and
it will return that and then you can you
know you can connect to the to the to
the shell that you've uploaded which in
this case you will be generating with
we've Lee alright so you know generating
a PHP shell with we've Lee is really
really easy and we're going to be
looking at that right now so just open
up your terminal right and I'm just
gonna zoom in so we can see what's going
on alright
awesome let's get started so the syntax
is really really simple so we've Lee
whoops
so it's we've Lee so it's pretty much as
simple as that
WWE ve ly okay so we've Lee and then we
want to use generate right so we're
telling we've Lee to generate so it
already knows that we are telling you to
generate a PHP shell so it's gonna know
that the next piece of information you
need to enter is the password for the
shell right this is very important so
that only you have connection and only
oh you are able to use this backdoor
right so I'm just going to use a simple
password like 1 2 3 4 5 you know
something really really simple because I
don't want to use anything complex now
I'm gonna store the PHP file on my
desktop
alright so you I'm just gonna specify
the location I want to store it in so
root desktop and I'm gonna give it a
name so I'm just gonna give it up now
this is where social engineering comes
into play now obviously most you know if
we're talking generally speaking and I
know I'm doing this on my lab but in in
in reality now web servers are probably
going to be monitored by the you know by
security teams and they're going to be
snooping around for you know weird weird
files with weird naming so if you name
it backdoor you know you're just looking
for trouble and that can you know that
can expose you really
badly and you know I'm talking I know
I'm talking from a blackheads
perspective but I'm just giving you an
idea of how you know how these things
are thought through so what I will do is
out name it something like let's see
something interesting like as you saw in
the previous video a for for redirect
alright so for for dot php' right that
is the extension that we're going to use
so now if when I hit enter it's going to
generate it
there we are generated backdoor with
password 1 2 3 4 5 enroute desktop and
it's 1 4 6 9 bytes in terms of its size
and here it is so it's a PHP file if you
open it up everything is encoded so it's
you know if anyone found it it would be
a matter of of you know reverse
engineering it alright so we need to
upload this to the server and luckily
for us we have the file manager
installed on WordPress and you know it's
really really simple to do this and
obviously if you crack the ftp protocol
you can also upload it like that so one
would go to the wordpress file manager
and you need to upload it to the root
directory otherwise you have to you know
go through subdomains which is also a
great idea if you upload it you know in
with the image specification and use
image upload vulnerabilities you know
that that's basic web penetration
testing but for this which is going to
keep it simple you know I'm just gonna
right click and I'm gonna whoops it's
not allowing me to upload there your
upload files and I'm gonna select the
file which is on my desktop there are 4
for dot PHP and it's already uploaded
and now you know usually if I hit a
unknown web page it would reply with
something that is completely vague right
so what I will do now is I will just I
will enter the address so 191 168 point
one point 108 and 404 dot PHP because
it's uploaded locally through the you
know local directory so I'm just going
to enter and there you are
now this is a good sign if it doesn't
give you any result it means that the
script is already active now you might
be wondering well what we do now how do
we connect to this
well we connect to it using we've Lee
alright so let's get start
with that right now all right so what
you're gonna do is really really very
simple we're just gonna use we've Lee
we've Lee as the command obviously and
and now we need to connect to it so
we're going to specify the web page so
HTTP we have to use the protocol so
192.168.1.1 o8 and we are connecting to
that script or that shell so 404 whoops
dot PHP and then we specify the password
which in this case was one two three
four five and it should exploit it
immediately or give us backdoor access
somebody's gonna enter and there we are
and now we can execute commands awesome
man this is so cool so if I hit LS you
can see we can access all the files that
exist on the website and this is
extremely dangerous you know this is
just giving you access to anything on
the web server and you know you have
complete access of everything and as you
can see if it's running on a server
which it is you can then you know
navigate backwards and you're
essentially in the in the root directory
of the entire Linux server which you can
you know exploit further and cause a lot
of damage now that again I'm passing out
it as a disclaimer I do not encourage
you doing this to any site because this
you know this can cause a lot of damage
and yeah that's essentially how to
generate a backdoor I know it's pretty
pretty simple but again really really
powerful but the real trick is as we
know is exploiting a system that is the
real trick you know once you're in you
can do a lot of damage and you can
maintain access and these systems
administrators wouldn't even know the
thing you know usually well I actually
had first-hand experience with this
where I was a system and administrator
and you know the image it was actually
hidden in the images folder we're using
you know the image upload
vulnerabilities that essentially allowed
a user to exploit at the upload system
where the user was able to you know with
burp suite were able to modify the the
upload they're essentially able to to
change the extension of the image to a
PHP file after they had uploaded it and
then you know through burps we did for
did it
and the packets and it got sent and the
images uploaded and you know there you
go
exploited as simple as that so again
website security is also supposed to be
top-notch and yeah hopefully you guys
found value in this video if you did
please leave a like down below if you
have any questions or suggestions let me
know in the comment section down below
or you can hit me up on my social
networks if you have any personal
questions hit me up on kik and yeah
thank you so much for qing guys I'll be
seeing you in the next video peace
[Music]
hey guys hacky sploit here back again
with another video and this video we're
gonna be looking at how to generate a
back door or a PHP back door with we've
Lee alright so you might have heard of
Weebly or you might not have heard of
we've Lee and essentially what we've lee
is it is a PHP shell that will give you
a connection like SSH so that you know
you can execute system commands and it
essentially gives you backdoor access to
the server that or you know the target
that you have hacked all right so it
comes pre-installed with Kali Linux and
the parrot OS so you're pretty much good
to go otherwise you can find it in
github it's very very easily
just search for it on git github it's
we've Li W double e VL la vie ly okay
so it offers a lot of a lot of post
exploitation
you know advantages in the sense that
you can you can spawn reverse shelves
you can execute commands and you know
that is pretty much all you're gonna
need once you once you have exploited a
server you know you want to live you
want to maintain access in that server
whenever you like and we've Lee is
fantastic it's actually really really
powerful now I know I actually mentioned
on the community section that we'll be
making a video on nikto and and you know
things like the Medusa or for the other
web vulnerability scanners but actually
I'm going to be working on an entire new
series for that because it is a large
topic and I don't think that I can cover
it you know I can give it its full I can
cover it to its maximum potential few
set of videos so I'll be working on a
large project for that so as we did in
the previous video and you're hacking
WordPress we managed to brute force the
WordPress installation we got the
username and password so we have got we
have we have successfully exploited the
system now we need to maintain access so
it's getting a little more interesting
so I already have the WordPress server
running and I already know the password
so I'm just going to go to the they way
it's already loaded up so I'm just gonna
log in now
oh it's actually logged in already so I
can just go to WordPress admin dot PHP
like so and there we are alright so we
are already logged in and now as I said
you know we can upload a PHP file that
if we redirect to and we obviously know
the name of the PHP file if we upload it
to the local directory it means that the
web page will process your request and
it will return that and then you can you
know you can connect to the to the to
the shell that you've uploaded which in
this case you will be generating with
we've Lee alright so you know generating
a PHP shell with we've Lee is really
really easy and we're going to be
looking at that right now so just open
up your terminal right and I'm just
gonna zoom in so we can see what's going
on alright
awesome let's get started so the syntax
is really really simple so we've Lee
whoops
so it's we've Lee so it's pretty much as
simple as that
WWE ve ly okay so we've Lee and then we
want to use generate right so we're
telling we've Lee to generate so it
already knows that we are telling you to
generate a PHP shell so it's gonna know
that the next piece of information you
need to enter is the password for the
shell right this is very important so
that only you have connection and only
oh you are able to use this backdoor
right so I'm just going to use a simple
password like 1 2 3 4 5 you know
something really really simple because I
don't want to use anything complex now
I'm gonna store the PHP file on my
desktop
alright so you I'm just gonna specify
the location I want to store it in so
root desktop and I'm gonna give it a
name so I'm just gonna give it up now
this is where social engineering comes
into play now obviously most you know if
we're talking generally speaking and I
know I'm doing this on my lab but in in
in reality now web servers are probably
going to be monitored by the you know by
security teams and they're going to be
snooping around for you know weird weird
files with weird naming so if you name
it backdoor you know you're just looking
for trouble and that can you know that
can expose you really
badly and you know I'm talking I know
I'm talking from a blackheads
perspective but I'm just giving you an
idea of how you know how these things
are thought through so what I will do is
out name it something like let's see
something interesting like as you saw in
the previous video a for for redirect
alright so for for dot php' right that
is the extension that we're going to use
so now if when I hit enter it's going to
generate it
there we are generated backdoor with
password 1 2 3 4 5 enroute desktop and
it's 1 4 6 9 bytes in terms of its size
and here it is so it's a PHP file if you
open it up everything is encoded so it's
you know if anyone found it it would be
a matter of of you know reverse
engineering it alright so we need to
upload this to the server and luckily
for us we have the file manager
installed on WordPress and you know it's
really really simple to do this and
obviously if you crack the ftp protocol
you can also upload it like that so one
would go to the wordpress file manager
and you need to upload it to the root
directory otherwise you have to you know
go through subdomains which is also a
great idea if you upload it you know in
with the image specification and use
image upload vulnerabilities you know
that that's basic web penetration
testing but for this which is going to
keep it simple you know I'm just gonna
right click and I'm gonna whoops it's
not allowing me to upload there your
upload files and I'm gonna select the
file which is on my desktop there are 4
for dot PHP and it's already uploaded
and now you know usually if I hit a
unknown web page it would reply with
something that is completely vague right
so what I will do now is I will just I
will enter the address so 191 168 point
one point 108 and 404 dot PHP because
it's uploaded locally through the you
know local directory so I'm just going
to enter and there you are
now this is a good sign if it doesn't
give you any result it means that the
script is already active now you might
be wondering well what we do now how do
we connect to this
well we connect to it using we've Lee
alright so let's get start
with that right now all right so what
you're gonna do is really really very
simple we're just gonna use we've Lee
we've Lee as the command obviously and
and now we need to connect to it so
we're going to specify the web page so
HTTP we have to use the protocol so
192.168.1.1 o8 and we are connecting to
that script or that shell so 404 whoops
dot PHP and then we specify the password
which in this case was one two three
four five and it should exploit it
immediately or give us backdoor access
somebody's gonna enter and there we are
and now we can execute commands awesome
man this is so cool so if I hit LS you
can see we can access all the files that
exist on the website and this is
extremely dangerous you know this is
just giving you access to anything on
the web server and you know you have
complete access of everything and as you
can see if it's running on a server
which it is you can then you know
navigate backwards and you're
essentially in the in the root directory
of the entire Linux server which you can
you know exploit further and cause a lot
of damage now that again I'm passing out
it as a disclaimer I do not encourage
you doing this to any site because this
you know this can cause a lot of damage
and yeah that's essentially how to
generate a backdoor I know it's pretty
pretty simple but again really really
powerful but the real trick is as we
know is exploiting a system that is the
real trick you know once you're in you
can do a lot of damage and you can
maintain access and these systems
administrators wouldn't even know the
thing you know usually well I actually
had first-hand experience with this
where I was a system and administrator
and you know the image it was actually
hidden in the images folder we're using
you know the image upload
vulnerabilities that essentially allowed
a user to exploit at the upload system
where the user was able to you know with
burp suite were able to modify the the
upload they're essentially able to to
change the extension of the image to a
PHP file after they had uploaded it and
then you know through burps we did for
did it
and the packets and it got sent and the
images uploaded and you know there you
go
exploited as simple as that so again
website security is also supposed to be
top-notch and yeah hopefully you guys
found value in this video if you did
please leave a like down below if you
have any questions or suggestions let me
know in the comment section down below
or you can hit me up on my social
networks if you have any personal
questions hit me up on kik and yeah
thank you so much for qing guys I'll be
seeing you in the next video peace
[Music]
About this Video
4.96/5
Rating
Sep 22, 2025
Last updated
Related Exams
Video Description: Generating A PHP Backdoor with weevely - Post Exploitation for Software Development 2025 is part of Get to know Ethical Hacking (English) preparation.
The notes and questions for Generating A PHP Backdoor with weevely - Post Exploitation have been prepared according to the Software Development exam syllabus.
Information about Generating A PHP Backdoor with weevely - Post Exploitation covers all important topics for Software Development 2025 Exam.
Find important definitions, questions, notes, meanings, examples, exercises and tests below for Generating A PHP Backdoor with weevely - Post Exploitation.
Introduction of Generating A PHP Backdoor with weevely - Post Exploitation in English is available as part of our Get to know Ethical Hacking (English) for Software Development & Generating A PHP Backdoor with weevely - Post Exploitation in
Hindi for Get to know Ethical Hacking (English) course. Download more important topics related with notes, lectures and mock test series for
Software Development Exam by signing up for free.
Description
Video Lecture & Questions for Generating A PHP Backdoor with weevely - Post Exploitation Video Lecture | Get to know Ethical Hacking (English) - Software Development - Software Development full syllabus preparation | Free video for Software Development exam to prepare for Get to know Ethical Hacking (English).
Information about Generating A PHP Backdoor with weevely - Post Exploitation
Here you can find the meaning of Generating A PHP Backdoor with weevely - Post Exploitation defined & explained in the simplest way possible.
Besides explaining types of Generating A PHP Backdoor with weevely - Post Exploitation theory, EduRev gives you an ample number of questions to practice Generating A PHP Backdoor with weevely - Post Exploitation tests,
examples and also practice Software Development tests.
Related Searches
Free
,mock tests for examination
,Important questions
,past year papers
,Generating A PHP Backdoor with weevely - Post Exploitation Video Lecture | Get to know Ethical Hacking (English) - Software Development
,ppt
,Exam
,Summary
,MCQs
,Previous Year Questions with Solutions
,Extra Questions
,practice quizzes
,Objective type Questions
,shortcuts and tricks
,study material
,Semester Notes
,video lectures
,Generating A PHP Backdoor with weevely - Post Exploitation Video Lecture | Get to know Ethical Hacking (English) - Software Development
,Sample Paper
,Generating A PHP Backdoor with weevely - Post Exploitation Video Lecture | Get to know Ethical Hacking (English) - Software Development
,Viva Questions
;
Study Generating A PHP Backdoor with weevely - Post Exploitation on the App
Students of Software Development can study Generating A PHP Backdoor with weevely - Post Exploitation alongwith tests & analysis from the EduRev app,
which will help them while preparing for their exam. Apart from the Generating A PHP Backdoor with weevely - Post Exploitation,
students can also utilize the EduRev App for other study materials such as previous year question papers, syllabus, important questions, etc.
The EduRev App will make your learning easier as you can access it from anywhere you want.
The content of Generating A PHP Backdoor with weevely - Post Exploitation is prepared as per the latest Software Development syllabus.
|
© EduRev
|
Education Revolution
|
|
Signup on EduRev and stay on top of your study goals
10M+ students crushing their study goals daily