Simple Executable HTTP Server for pentester

AliBawazeEer
1 min readOct 22, 2018

--

recently i was in engagement and needed to download large file from the compromised machine , i was unable to get it from TFTP neither from cert-util .

i had to create a simple python script that launch mini HTTP web server and convert it to exe since it was windows machine and does not have python installed .

import http.server
import socketserver
import sys
import socket
import os


if len(sys.argv) > 1:
try:
PORT = int(sys.argv[1])
except ValueError:
PORT = -1
else:
PORT = 8000

print("WinSimpleHTTP ----v1.1--------------------")

if PORT < 2 or PORT > 65535:
print("Invalid Port : " , str(PORT))
print("Port must be 2-65535")
print("------------------------------------------")
else:
path = os.path.dirname(os.path.realpath(__file__))

ip = [l for l in ([ip for ip in socket.gethostbyname_ex(socket.gethostname())[2] if not ip.startswith("127.")][:1], [[(s.connect(('8.8.8.8', 53)), s.getsockname()[0], s.close()) for s in [socket.socket(socket.AF_INET, socket.SOCK_DGRAM)]][0][1]]) if l][0][0]


Handler = http.server.SimpleHTTPRequestHandler
httpd = socketserver.TCPServer(("", PORT), Handler)
print(path , " ---> ", ip , ":" ,str(PORT))
print("you are connected now try to access the server from the other machine")
httpd.serve_forever()

--

--