Simple HTTPs servers

I love Python's SimpleHTTPServer module. It sets up a quick HTTP server when you are in dire need of a simple way to download files to a target.

root@Kali:~# python -m SimpleHTTPServer
Serving HTTP on 0.0.0.0 port 8000 ...

On a real assignment, however, I need two extra options:

  • Add an SSL layer to escape content inspection by annoying proxies
  • Upload files to a quick and dirty C2C server

SimpleHTTPServer, as its name indicates, is simple… So let’s tweak this a bit to achieve what we want.

Simple SSL server

I found this awesome, simple Python script that does it all, so I won’t even bother coding one:

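# To execute: python simpleHTTPsServer.py (Python 2)

import BaseHTTPServer, SimpleHTTPServer
import ssl

# Serve the current directory on localhost:4443
httpd = BaseHTTPServer.HTTPServer(('localhost', 4443), SimpleHTTPServer.SimpleHTTPRequestHandler)
# Wrap the listening socket in TLS; server.pem holds both the private key and the certificate
httpd.socket = ssl.wrap_socket(httpd.socket, certfile='./server.pem', server_side=True)
httpd.serve_forever()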

Before launching it, we need to generate a server certificate. If you have one signed by a valid authority, please, by all means… For those who want a quick and dirty fix, you can generate your own certificate with the following command. It writes the private key and the certificate into the same server.pem file, and -nodes leaves the key unencrypted:

root@Kali:~# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

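To communicate in PowerShell with a self-signed certificate, do not forget to add the following instruction before calling the download (or upload) function. The callback is process-wide, so every later HTTPS request made through .NET in that session skips certificate validation as well: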

PS > [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};
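A Python 3 variant of the script above, added here as an example and not the script the post refers to: ssl.wrap_socket was removed in Python 3.12, and serving the current directory with ./server.pem sitting in it makes the unencrypted private key downloadable by any client. The function names, the ./share folder and the 127.0.0.1 default are assumptions made for the example.

```python
"""Python 3 variant of the SSL file server (added example, not the original script)."""
import functools
import http.server
import os
import ssl


def hardened_context(certfile=None):
    """Server-side TLS context limited to TLS 1.2+; loads key and cert if given."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if certfile is not None:
        ctx.load_cert_chain(certfile)  # server.pem holds both key and certificate
    return ctx


def is_served(path, directory):
    """True if `path` resolves to a location inside the served directory."""
    path = os.path.realpath(path)
    directory = os.path.realpath(directory)
    return os.path.commonpath([path, directory]) == directory


def build_server(certfile, directory, host="127.0.0.1", port=4443):
    """Build an HTTPS file server for `directory` without exposing the key file."""
    # The original serves the current directory and keeps ./server.pem in it,
    # so a plain GET /server.pem would hand out the private key.
    if is_served(certfile, directory):
        raise ValueError("certfile is inside the served directory")
    ctx = hardened_context(certfile)  # fails here, before binding, if the file is missing
    handler = functools.partial(
        http.server.SimpleHTTPRequestHandler, directory=directory)
    httpd = http.server.HTTPServer((host, port), handler)
    httpd.socket = ctx.wrap_socket(httpd.socket, server_side=True)
    return httpd


if __name__ == "__main__":
    # Assumed layout: server.pem next to the script, shared files in ./share
    build_server("./server.pem", "./share").serve_forever()
```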

File upload

Uploading files is a bit trickier and requires handling HTTP methods, response codes, etc. I found an interesting script that works well, but only over HTTP. I made the following small adjustments to make it run over HTTPs (and fixed some errors that bothered me with a PowerShell agent):

[...]
if __name__ == '__main__':
-   test()
+   httpd = BaseHTTPServer.HTTPServer(('0.0.0.0', 443), SimpleHTTPRequestHandler)
+   httpd.socket = ssl.wrap_socket (httpd.socket, certfile='./server.pem', server_side=True)
+   print "Listening on port 443..."
+   httpd.serve_forever()
[...]
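Review bot: the added HTTPServer line hard-codes ('0.0.0.0', 443), so the upload handler listens on every interface and the process has to run as root to bind the port, and nothing in these lines limits who may connect. Consider taking the bind address and port as arguments and defaulting to a single interface. On the next line, ssl.wrap_socket is called without ssl_version, which leaves the protocol choice to the library default, and certfile='./server.pem' is resolved against the working directory, so the script only starts when launched from the folder holding the key; an absolute path kept outside any directory the handler reads from or writes to would be safer.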

You can find the adjusted code on HFB’s GitHub repo.

Hope this post will spare someone a few minutes/hours of testing and searching for reliable ways to download/upload files on a quick assignment.
