PentestPilot/bin/transfer/serve.py

#!/usr/bin/env python3
import http.server, socketserver, os, cgi, sys

PORT = int(os.environ.get('PORT', sys.argv[1] if len(sys.argv) > 1 else 8000))
UPLOAD_DIR = os.environ.get('UPLOAD_DIR', '.')

class Handler(http.server.SimpleHTTPRequestHandler):
    def list_directory(self, path):
        # Add simple upload form to listing
        r = super().list_directory(path)
        try:
            r.seek(0)
            content = r.read().decode('utf-8', 'ignore')
            form = (
                "<hr><h3>Upload</h3>"
                "<form ENCTYPE='multipart/form-data' method='post' action='/upload'>"
                "<input name='file' type='file'/>"
                "<input type='submit' value='upload'/></form>"
            )
            content = content.replace('</body>', form + '</body>')
            r = bytes(content, 'utf-8')
            self.send_response(200)
            self.send_header("Content-type", "text/html; charset=utf-8")
            self.send_header("Content-Length", str(len(r)))
            self.end_headers()
            self.wfile.write(r)
            return None
        except Exception:
            return super().list_directory(path)

    def do_POST(self):
        if self.path != '/upload':
            self.send_error(404, "Unknown endpoint")
            return
        form = cgi.FieldStorage(
            fp=self.rfile,
            headers=self.headers,
            environ={'REQUEST_METHOD': 'POST', 'CONTENT_TYPE': self.headers['Content-Type']}
        )
        if 'file' not in form:
            self.send_error(400, "No file field")
            return
        field = form['file']
        filename = os.path.basename(field.filename) if field.filename else 'upload.bin'
        dest = os.path.join(UPLOAD_DIR, filename)
        with open(dest, 'wb') as f:
            data = field.file.read()
            f.write(data)
        self.send_response(200)
        self.end_headers()
        self.wfile.write(f"Uploaded {filename} ({len(data)} bytes)\n".encode())

if __name__ == '__main__':
    with socketserver.TCPServer(("0.0.0.0", PORT), Handler) as httpd:
        print(f"[*] Serving HTTP on 0.0.0.0:{PORT}, upload dir: {UPLOAD_DIR}")
        try:
            httpd.serve_forever()
        except KeyboardInterrupt:
            pass