Provided by: weevely_4.0.2-1_all 
NAME
Weevely - Weaponized web shell
DESCRIPTION
A web shell designed for post-exploitation purposes that can be extended over the network at runtime.
Upload weevely PHP agent to a target web server to get remote shell access to it. Once connected you can
make use of the more than 30 modules to assist administrative tasks, maintain access, provide situational
awareness, elevate privileges, and spread into the target network.
SYNOPSIS
Run terminal to the target
weevely <URL> <password> [cmd]
Generate backdoor agent
weevely generate <password> <path>
Load session file
weevely session <path>
Features
• Shell access to the target
• SQL console pivoting on the target
• HTTP/HTTPS proxy to browse through the target
• Upload and download files
• Spawn reverse and direct TCP shells
• Audit remote target security
• Run Meterpreter payloads
• Port scan pivoting on target
• Mount the remote filesystem
• Bruteforce SQL accounts pivoting on the target
Agent
The agent is a small, polymorphic PHP script hardly detected by AV and the communication protocol is
obfuscated within HTTP requests.
Modules
Module Description
───────────────────────────────────────────────────────────────────────────
:audit_filesystem Audit the file system for weak permissions.
:audit_suidsgid Find files with SUID or SGID flags.
:audit_disablefunctionbypass Bypass disable_function restrictions with
mod_cgi and .htaccess.
:audit_etcpasswd Read /etc/passwd with different techniques.
:audit_phpconf Audit PHP configuration.
:shell_sh Execute shell commands.
:shell_su Execute commands with su.
:shell_php Execute PHP commands.
:system_extensions Collect PHP and webserver extension list.
:system_info Collect system information.
:system_procs List running processes.
:backdoor_reversetcp Execute a reverse TCP shell.
:backdoor_tcp Spawn a shell on a TCP port.
:backdoor_meterpreter Start a meterpreter session.
:bruteforce_sql Bruteforce SQL database.
:file_gzip Compress or expand gzip files.
:file_clearlog Remove string from a file.
:file_check Get attributes and permissions of a file.
:file_upload Upload file to remote filesystem.
:file_webdownload Download an URL.
:file_tar Compress or expand tar archives.
:file_download Download file from remote filesystem.
:file_bzip2 Compress or expand bzip2 files.
:file_edit Edit remote file on a local editor.
:file_grep Print lines matching a pattern in multiple
files.
:file_ls List directory content.
:file_cp Copy single file.
:file_rm Remove remote file.
:file_upload2web Upload file automatically to a web folder
and get corresponding URL.
:file_zip Compress or expand zip files.
:file_touch Change file timestamp.
:file_find Find files with given names and attributes.
:file_mount Mount remote filesystem using HTTPfs.
:file_enum Check existence and permissions of a list
of paths.
:file_read Read remote file from the remote
filesystem.
:file_cd Change current working directory.
:sql_console Execute SQL query or run console.
:sql_dump Multi dbms mysqldump replacement.
:net_mail Send mail.
:net_phpproxy Install PHP proxy on the target.
:net_curl Perform a curl-like HTTP request.
:net_proxy Run local proxy to pivot HTTP/HTTPS
browsing through the target.
:net_scan TCP Port scan.
:net_ifconfig Get network interfaces addresses.
SEE ALSO
https://github.com/epinna/weevely3/wiki
AUTHOR
weevely is developed by The Weevely Developers, this manpage was made by Emilio <epinna> and Samuel
Henrique <samueloph@debian.org> based on weevely's README.md and can be used by other projects as well.
weevely 3.7.0 October 2018 WEEVELY(1)