Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/projectdiscovery/simplehttpserver

Go alternative of python SimpleHTTPServer
https://github.com/projectdiscovery/simplehttpserver

gohttpserver simplehttpserver

Last synced: 3 months ago
JSON representation

Go alternative of python SimpleHTTPServer

Awesome Lists containing this project

README 

        
SimpleHTTPserver


Go alternative of python SimpleHTTPServer






















  Features
  Usage
  Installation
  Run SimpleHTTPserver
  Join Discord




---



SimpleHTTPserver is a go enhanced version of the well known python simplehttpserver with in addition a fully customizable TCP server, both supporting TLS.



# Features



- HTTP/S Web Server

- File Server with arbitrary directory support

- HTTP request/response dump

- Configurable ip address and listening port

- Configurable HTTP/TCP server with customizable response via YAML template



# Installing SimpleHTTPserver



SimpleHTTPserver requires **go1.17+** to install successfully. Run the following command to get the repo - 



```sh

go install -v github.com/projectdiscovery/simplehttpserver/cmd/simplehttpserver@latest

```



# Usage



```sh

simplehttpserver -h

```



This will display help for the tool. Here are all the switches it supports.



| Flag             | Description                                             | Example                                            |

|------------------|---------------------------------------------------------|----------------------------------------------------|

| `-listen`        | Configure listening ip:port (default 127.0.0.1:8000)    | `simplehttpserver -listen 127.0.0.1:8000`          |

| `-path`          | Fileserver folder (default current directory)           | `simplehttpserver -path /var/docs`                 |

| `-verbose`       | Verbose (dump request/response, default false)          | `simplehttpserver -verbose`                        |

| `-tcp`           | TCP server (default 127.0.0.1:8000)                     | `simplehttpserver -tcp 127.0.0.1:8000`             |

| `-tls`           | Enable TLS for TCP server                               | `simplehttpserver -tls`                            |

| `-rules`         | File containing yaml rules                              | `simplehttpserver -rules rule.yaml`                |

| `-upload`        | Enable file upload in case of http server               | `simplehttpserver -upload`                         |

| `-max-file-size` | Max Upload File Size (default 50 MB)                    | `simplehttpserver -max-file-size 100`              |

| `-sandbox`       | Enable sandbox mode                                     | `simplehttpserver -sandbox`                        |

| `-https`         | Enable HTTPS in case of http server                     | `simplehttpserver -https`                          |

| `-http1`         | Enable only HTTP1                                       | `simplehttpserver -http1`                          |

| `-cert`          | HTTPS/TLS certificate (self generated if not specified) | `simplehttpserver -cert cert.pem`                  |

| `-key`           | HTTPS/TLS certificate private key                       | `simplehttpserver -key cert.key`                   |

| `-domain`        | Domain name to use for the self-generated certificate   | `simplehttpserver -domain projectdiscovery.io`     |

| `-cors`          | Enable cross-origin resource sharing (CORS)             | `simplehttpserver -cors`                           |

| `-basic-auth`    | Basic auth (username:password)                          | `simplehttpserver -basic-auth user:password`       |

| `-realm`         | Basic auth message                                      | `simplehttpserver -realm "insert the credentials"` |

| `-version`       | Show version                                            | `simplehttpserver -version`                        |

| `-silent`        | Show only results                                       | `simplehttpserver -silent`                         |

| `-py`            | Emulate Python Style                                    | `simplehttpserver -py`                             |

| `-header`        | HTTP response header (can be used multiple times)       | `simplehttpserver -header 'X-Powered-By: Go'`      |



### Running simplehttpserver in the current folder  



This will run the tool exposing the current directory on port 8000 



```sh

simplehttpserver



2021/01/11 21:40:48 Serving . on http://0.0.0.0:8000/...

2021/01/11 21:41:15 [::1]:50181 "GET / HTTP/1.1" 200 383

2021/01/11 21:41:15 [::1]:50181 "GET /favicon.ico HTTP/1.1" 404 19

```



### Running simplehttpserver in the current folder with HTTPS



This will run the tool exposing the current directory on port 8000 over HTTPS with user provided certificate:



```sh

simplehttpserver -https -cert cert.pen -key cert.key



2021/01/11 21:40:48 Serving . on http://0.0.0.0:8000/...

2021/01/11 21:41:15 [::1]:50181 "GET / HTTP/1.1" 200 383

2021/01/11 21:41:15 [::1]:50181 "GET /favicon.ico HTTP/1.1" 404 19

```



Instead, to run with self-signed certificate and specific domain name:

```sh

simplehttpserver -https -domain localhost



2021/01/11 21:40:48 Serving . on http://0.0.0.0:8000/...

2021/01/11 21:41:15 [::1]:50181 "GET / HTTP/1.1" 200 383

2021/01/11 21:41:15 [::1]:50181 "GET /favicon.ico HTTP/1.1" 404 19

```



### Running simplehttpserver with basic auth and file upload



This will run the tool and will request the user to enter username and password before authorizing file uploads



```sh

simplehttpserver -basic-auth root:root -upload



2021/01/11 21:40:48 Serving . on http://0.0.0.0:8000/...

```



To upload files use the following curl request with basic auth header:

```sh

curl -v --user 'root:root' --upload-file file.txt http://localhost:8000/file.txt

```



### Running TCP server with custom responses



This will run the tool as TLS TCP server and enable custom responses based on YAML templates:



```sh

simplehttpserver -rules rules.yaml -tcp -tls -domain localhost

```



The rules are written as follows:

```yaml

rules:

  - match: regex-match

    match-contains: literal-match

    name: rule-name

    response: response data

```



For example to handle two different paths simulating an HTTP server or SMTP commands:

```yaml

rules:

  # HTTP Requests

  - match: GET /path1

    name: redirect

    response: |

              HTTP/1.0 200 OK

              Server: httpd/2.0

              x-frame-options: SAMEORIGIN

              x-xss-protection: 1; mode=block

              Date: Fri, 16 Apr 2021 14:30:32 GMT

              Content-Type: text/html

              Connection: close



              top.location.href='/Main_Login.asp';

              

  - match: GET /path2

    name: "404"

    response: |

              HTTP/1.0 404 OK

              Server: httpd/2.0

            

              Not found

  # SMTP Commands

  - match: "EHLO example.com"

    name: smtp 

    response: |

              250-localhost Nice to meet you, [127.0.0.1]

              250-PIPELINING

              250-8BITMIME

              250-SMTPUTF8

              250-AUTH LOGIN PLAIN

              250 STARTTLS

  - match: "MAIL FROM: "

    response: 250 Accepted

  - match: "RCPT TO: "

    response: 250 Accepted



  - match-contains: !!binary |

      MAwCAQFgBwIBAwQAgAA=

    name: "ldap"

    # Request:  300c 0201 0160 0702 0103 0400 8000       0....`........

    # Response: 300c 0201 0161 070a 0100 0400 0400       0....a........

    response: !!binary |

      MAwCAQFhBwoBAAQABAA=

```



## Note



- This project is intended for development purposes only; it should not be used in production.



# Thanks



SimpleHTTPserver is made with 🖤 by the [projectdiscovery](https://projectdiscovery.io) team.