Weevely 0.5

Started by Emilio, December 29, 2011, 02:52:04 PM


Emilio

Weevely 0.5 is included in the Backbox repositories with interesting new features:

* Backdoor communication hidden in Cookie requests
* Communications encoded using NIDS evasion techniques (every request is randomly obfuscated to bypass signature detection)
* Backdoor PHP code randomly obfuscated to hide common backdoor functions (base64_decode, rot13, strrev, ...)
* Modular architecture with >20 modules for every kind of access-maintenance/post-exploitation task
* Various audit modules to enumerate confidential user files, /etc/passwd entries, etc.
* Various SQL modules providing a complete remote SQL console, database dumping and other utilities

Official site:
http://code.google.com/p/weevely/

Tar download link:
http://weevely.googlecode.com/files/weevely-0.5.tar.gz

Backbox Debian download link:
http://weevely.googlecode.com/files/weevely_0.5-0backbox1_all.deb

A brief Italian article about the version 0.5 changes is available on the dissecting blog:
http://disse.cting.org/blog/2011/12/28/weevely-0.5-nids-evasion-cooki...

An Italian article about the Weevely module architecture:
http://disse.cting.org/blog/2011/08/28/modular-weevely/


Cheers
Emilio