Weevely command backdoor_meterpreter

Guys I’m beginner in security and pen testing so I started to get my hands dirty on DVWA. I prepared a backdoor script with weevely and uploaded it to DVWA. Now I tried many weevely commands to enjoy the backdoor I injected on the sever and tried to be complex into it by trying backdoor_meterpreter command. But I’m confused now as command doesn’t execute as intended and rather throws a pop up which I’ve uploaded in


As it instructs me I executed the same command in a parallel shell with a hope that it would turn listener on. But still I’m not getting the required meterpreter session on weevely and it’s requiring a listener to be put on first. I tried to check it on web but unfortunately not much help is available for commands of weevely.

How to add session cookie in weevely?

I am pentesting a website and I was successful in uploading a php backdoor and finding the path of the backdoor. The only issue is that in order to gain access to the uploaded file I need to be logged in with my account. i can do this by adding my session cookies in weevely but how can I add my session cookies in weevely to access the backdoor file? Is there a way to do this or is it possible?

What is the difference between weevely and php shell created by msfvenom?

Both comes preinstalled on Kali. Msfvenom can generate php shell and weevely is a dedicated tool for the same. What exactly is the difference between the two? I am sure folks at Offensive Security won’t include the same tools that do the exact same thing.

My assumption is weevely is the same and uses msfvenom to generate php shell.