Weevely creates a PHP backdoor on webservers running PHP. It is pretty straightforward to use, and pretty easy to get onto a webserver. You get to it through Applications | PostExploitation | Weevely:
When you first launch Weevely from the menu, it opens a terminal window and gently chides you about using the script improperly:
This is actually a more helpful doc string than the
weevely --help command gives:
We know now that we ...