-
Notifications
You must be signed in to change notification settings - Fork 605
Home
Emilio edited this page Dec 26, 2019
·
2 revisions
Follow the following tutorials to learn how to install and start playing with Weevely.
Web administration
Weevely simplifies the administration of your web account, especially with unprivileged accounts such as free hosting services and other shared environments.
- Download and install web applications - install Wordpress with two commands
- Edit SQL database and code of a web application - adjust Wordpress to use another DB
-
Bypass PHP long running tasks limit - tweaking
max_execution_time
Penetration Testing and Red Team
Weevely is an essential tool for post exploitation tasks like privilege escalation and access maintained even in restricted environments.
- Proxy HTTP and HTTPS traffic - tunnel your HTTP/HTTPS traffic through the target
- Harvest SQL credentials - horizontal privilege escalation
- Extract /etc/passwd content with no read access - usernames info gathering
- Brute force SQL credentials - SQL passwords brute force on target
- Clean IP address from logs - Remove the track from access logs
- Bypass disabled system shell functions via mod_cgi and .htaccess