SANS Penetration Testing

Pen Test Poster: "White Board" - Python - Pythonic Web Server


This is such a great little tip. I use this quite frequently during my day-to-day operations to transfer files back and forth between systems or to colleagues. This wonderful little command will start a web server and make the contents of the folder that the command is launched from available for download. I think once you've committed it to memory, you will find it useful in many situations.

Here it is:


python -m SimpleHTTPServer <port number>


Here is an example that starts a web server listening on port 9000.


student@573:~$ python -m SimpleHTTPServer 9000

Serving HTTP on port 9000 ...


Once you've run that command, any computer that can reach your host via its IP address can access port 9000 with a web browser. In this example, the command 'python -m SimpleHTTPServer 9000' was run from my home directory, so the user can see my .bash_history and all of the other files that are in my home folder.




This functionality is very useful for allowing other computers to download files from your computer. But this little web server can also be used to quickly set up a phishing website. The script will act as a normal web server if it finds a file called index.html in the directory where it is launched. Here is a quick example. I'll use the echo command to create a file called "index.html" in my home directory and restart the server.


student@573:~$ echo "<HTML><BODY>IT WORKED</BODY></HTML>" > index.html

student@573:~$ python -m SimpleHTTPServer 9000

Serving HTTP on port 9000 ...


Now I'll refresh my web browser to see the newly created page.




In fact, it did work perfectly! This command will work on Linux and Windows systems that are running Python 2 as their default interpreter. Today, according to Python PEP 394, all Linux systems should have Python 2 as their default interpreter. But Python 2 is being retired in the year 2020, and you should be looking ahead at how to perform these actions on Python 3. Here is a version of the command that will work with Python 3.


student@573:~$ python3 -m http.server 9000

Serving HTTP on port 9000 ...


You may be wondering, "What exactly does this little command do?" The Python help tells us the "-m" option will "run a module as a script". That is true, but it may be easier for you to think of it as a shortcut that asks Python to find the specified module within its PYTHONPATH and launch it. If you know the location of that module, you could in fact run it as a script and get the same result.


student@573:~$ python /usr/lib/python2.7/ 8000

Serving HTTP on port 8000 ...


Or, on Python 3, you could do this:


student@573:~$ python3 /usr/lib/python3.5/http/ 8080

Serving HTTP on port 8080 ...
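As noted earlier, the one-liner exposes the whole launch directory, including dotfiles such as .bash_history, to any host that can reach the port. The following is an added example, not code from the original post: a small wrapper around Python 3's http.server that serves one dedicated folder, binds to loopback by default, refuses hidden files and turns off directory listings. The names ShareHandler, start_share, fetch_status and demo are hypothetical, and the sample files are constructed.

```python
import functools
import http.client
import http.server
import pathlib
import tempfile
import threading
import urllib.parse

class ShareHandler(http.server.SimpleHTTPRequestHandler):
    """Serve regular files only: no dotfiles, no directory listings."""
    def send_head(self):
        # Refuse any path with a hidden component (.bash_history, .ssh/...).
        path = urllib.parse.unquote(self.path.split("?", 1)[0].split("#", 1)[0])
        if any(part.startswith(".") for part in path.split("/") if part):
            return self.send_error(404, "Not found")  # send_error returns None
        return super().send_head()

    def list_directory(self, path):
        return self.send_error(403, "Directory listing disabled")

def start_share(directory, bind="127.0.0.1", port=0):
    # Serve only `directory`, on bind:port, in a background thread (port 0 = any free port).
    handler = functools.partial(ShareHandler, directory=directory)
    server = http.server.ThreadingHTTPServer((bind, port), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]

def fetch_status(port, path):
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path)
    status = conn.getresponse().status
    conn.close()
    return status

def demo():
    # Constructed sample files standing in for a folder that holds a dotfile.
    with tempfile.TemporaryDirectory() as share:
        for name in ("report.txt", ".bash_history"):
            pathlib.Path(share, name).write_text("constructed sample\n")
        server, port = start_share(share)
        try:
            return {p: fetch_status(port, p) for p in ("/report.txt", "/.bash_history", "/")}
        finally:
            server.shutdown()
            server.server_close()

if __name__ == "__main__":
    print(demo())
```

The stock command already covers the first two restrictions with `python3 -m http.server --bind 127.0.0.1 --directory <folder> 9000` (the `--directory` option needs Python 3.7 or later); the dotfile and listing checks need a custom handler like the one above.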


For more tips like this and details on the inner workings of Python modules check out SEC573: Automating Information Security with Python.


Mark Baggett

